pkisecret

package
v6.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 4, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BackendConfigCluster 

type BackendConfigCluster struct {
	pulumi.CustomResourceState

	// Specifies the path to this performance replication cluster's AIA distribution point.
	AiaPath pulumi.StringPtrOutput `pulumi:"aiaPath"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the path to this performance replication cluster's API mount path.
	Path pulumi.StringPtrOutput `pulumi:"path"`
}

Allows setting the cluster-local's API mount path and AIA distribution point on a particular performance replication cluster.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		root, err := vault.NewMount(ctx, "root", &vault.MountArgs{
			Path:                   pulumi.String("pki-root"),
			Type:                   pulumi.String("pki"),
			Description:            pulumi.String("root PKI"),
			DefaultLeaseTtlSeconds: pulumi.Int(8640000),
			MaxLeaseTtlSeconds:     pulumi.Int(8640000),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewBackendConfigCluster(ctx, "example", &pkiSecret.BackendConfigClusterArgs{
			Backend: root.Path,
			Path:    pulumi.String("http://127.0.0.1:8200/v1/pki-root"),
			AiaPath: pulumi.String("http://127.0.0.1:8200/v1/pki-root"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

The PKI config cluster can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/cluster`, where the `pki-root` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/backendConfigCluster:BackendConfigCluster example pki-root/config/cluster ```

func GetBackendConfigCluster 

func GetBackendConfigCluster(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *BackendConfigClusterState, opts ...pulumi.ResourceOption) (*BackendConfigCluster, error)

GetBackendConfigCluster gets an existing BackendConfigCluster resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewBackendConfigCluster 

func NewBackendConfigCluster(ctx *pulumi.Context,
	name string, args *BackendConfigClusterArgs, opts ...pulumi.ResourceOption) (*BackendConfigCluster, error)

NewBackendConfigCluster registers a new resource with the given unique name, arguments, and options.

func (*BackendConfigCluster) ElementType 

func (*BackendConfigCluster) ElementType() reflect.Type

func (*BackendConfigCluster) ToBackendConfigClusterOutput 

func (i *BackendConfigCluster) ToBackendConfigClusterOutput() BackendConfigClusterOutput

func (*BackendConfigCluster) ToBackendConfigClusterOutputWithContext 

func (i *BackendConfigCluster) ToBackendConfigClusterOutputWithContext(ctx context.Context) BackendConfigClusterOutput

type BackendConfigClusterArgs 

type BackendConfigClusterArgs struct {
	// Specifies the path to this performance replication cluster's AIA distribution point.
	AiaPath pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the path to this performance replication cluster's API mount path.
	Path pulumi.StringPtrInput
}

The set of arguments for constructing a BackendConfigCluster resource.

func (BackendConfigClusterArgs) ElementType 

func (BackendConfigClusterArgs) ElementType() reflect.Type

type BackendConfigClusterArray 

type BackendConfigClusterArray []BackendConfigClusterInput

func (BackendConfigClusterArray) ElementType 

func (BackendConfigClusterArray) ElementType() reflect.Type

func (BackendConfigClusterArray) ToBackendConfigClusterArrayOutput 

func (i BackendConfigClusterArray) ToBackendConfigClusterArrayOutput() BackendConfigClusterArrayOutput

func (BackendConfigClusterArray) ToBackendConfigClusterArrayOutputWithContext 

func (i BackendConfigClusterArray) ToBackendConfigClusterArrayOutputWithContext(ctx context.Context) BackendConfigClusterArrayOutput

type BackendConfigClusterArrayInput 

type BackendConfigClusterArrayInput interface {
	pulumi.Input

	ToBackendConfigClusterArrayOutput() BackendConfigClusterArrayOutput
	ToBackendConfigClusterArrayOutputWithContext(context.Context) BackendConfigClusterArrayOutput
}

BackendConfigClusterArrayInput is an input type that accepts BackendConfigClusterArray and BackendConfigClusterArrayOutput values. You can construct a concrete instance of `BackendConfigClusterArrayInput` via: 

BackendConfigClusterArray{ BackendConfigClusterArgs{...} }

type BackendConfigClusterArrayOutput 

type BackendConfigClusterArrayOutput struct{ *pulumi.OutputState }

func (BackendConfigClusterArrayOutput) ElementType 

func (BackendConfigClusterArrayOutput) ElementType() reflect.Type

func (BackendConfigClusterArrayOutput) Index 

func (o BackendConfigClusterArrayOutput) Index(i pulumi.IntInput) BackendConfigClusterOutput

func (BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutput 

func (o BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutput() BackendConfigClusterArrayOutput

func (BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutputWithContext 

func (o BackendConfigClusterArrayOutput) ToBackendConfigClusterArrayOutputWithContext(ctx context.Context) BackendConfigClusterArrayOutput

type BackendConfigClusterInput 

type BackendConfigClusterInput interface {
	pulumi.Input

	ToBackendConfigClusterOutput() BackendConfigClusterOutput
	ToBackendConfigClusterOutputWithContext(ctx context.Context) BackendConfigClusterOutput
}

type BackendConfigClusterMap 

type BackendConfigClusterMap map[string]BackendConfigClusterInput

func (BackendConfigClusterMap) ElementType 

func (BackendConfigClusterMap) ElementType() reflect.Type

func (BackendConfigClusterMap) ToBackendConfigClusterMapOutput 

func (i BackendConfigClusterMap) ToBackendConfigClusterMapOutput() BackendConfigClusterMapOutput

func (BackendConfigClusterMap) ToBackendConfigClusterMapOutputWithContext 

func (i BackendConfigClusterMap) ToBackendConfigClusterMapOutputWithContext(ctx context.Context) BackendConfigClusterMapOutput

type BackendConfigClusterMapInput 

type BackendConfigClusterMapInput interface {
	pulumi.Input

	ToBackendConfigClusterMapOutput() BackendConfigClusterMapOutput
	ToBackendConfigClusterMapOutputWithContext(context.Context) BackendConfigClusterMapOutput
}

BackendConfigClusterMapInput is an input type that accepts BackendConfigClusterMap and BackendConfigClusterMapOutput values. You can construct a concrete instance of `BackendConfigClusterMapInput` via: 

BackendConfigClusterMap{ "key": BackendConfigClusterArgs{...} }

type BackendConfigClusterMapOutput 

type BackendConfigClusterMapOutput struct{ *pulumi.OutputState }

func (BackendConfigClusterMapOutput) ElementType 

func (BackendConfigClusterMapOutput) ElementType() reflect.Type

func (BackendConfigClusterMapOutput) MapIndex 

func (o BackendConfigClusterMapOutput) MapIndex(k pulumi.StringInput) BackendConfigClusterOutput

func (BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutput 

func (o BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutput() BackendConfigClusterMapOutput

func (BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutputWithContext 

func (o BackendConfigClusterMapOutput) ToBackendConfigClusterMapOutputWithContext(ctx context.Context) BackendConfigClusterMapOutput

type BackendConfigClusterOutput 

type BackendConfigClusterOutput struct{ *pulumi.OutputState }

func (BackendConfigClusterOutput) AiaPath 

func (o BackendConfigClusterOutput) AiaPath() pulumi.StringPtrOutput

Specifies the path to this performance replication cluster's AIA distribution point.

func (BackendConfigClusterOutput) Backend 

func (o BackendConfigClusterOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (BackendConfigClusterOutput) ElementType 

func (BackendConfigClusterOutput) ElementType() reflect.Type

func (BackendConfigClusterOutput) Namespace 

func (o BackendConfigClusterOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (BackendConfigClusterOutput) Path 

func (o BackendConfigClusterOutput) Path() pulumi.StringPtrOutput

Specifies the path to this performance replication cluster's API mount path.

func (BackendConfigClusterOutput) ToBackendConfigClusterOutput 

func (o BackendConfigClusterOutput) ToBackendConfigClusterOutput() BackendConfigClusterOutput

func (BackendConfigClusterOutput) ToBackendConfigClusterOutputWithContext 

func (o BackendConfigClusterOutput) ToBackendConfigClusterOutputWithContext(ctx context.Context) BackendConfigClusterOutput

type BackendConfigClusterState 

type BackendConfigClusterState struct {
	// Specifies the path to this performance replication cluster's AIA distribution point.
	AiaPath pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the path to this performance replication cluster's API mount path.
	Path pulumi.StringPtrInput
}

func (BackendConfigClusterState) ElementType 

func (BackendConfigClusterState) ElementType() reflect.Type

type GetBackendIssuerArgs 

type GetBackendIssuerArgs struct {
	// The path to the PKI secret backend to
	// read the issuer from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// Reference to an existing issuer.
	IssuerRef string `pulumi:"issuerRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuer.

type GetBackendIssuerOutputArgs 

type GetBackendIssuerOutputArgs struct {
	// The path to the PKI secret backend to
	// read the issuer from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// Reference to an existing issuer.
	IssuerRef pulumi.StringInput `pulumi:"issuerRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuer.

func (GetBackendIssuerOutputArgs) ElementType 

func (GetBackendIssuerOutputArgs) ElementType() reflect.Type

type GetBackendIssuerResult 

type GetBackendIssuerResult struct {
	Backend string `pulumi:"backend"`
	// The CA chain as a list of format specific certificates.
	CaChains []string `pulumi:"caChains"`
	// Certificate associated with this issuer.
	Certificate string `pulumi:"certificate"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// ID of the issuer.
	IssuerId string `pulumi:"issuerId"`
	// Name of the issuer.
	IssuerName string `pulumi:"issuerName"`
	IssuerRef  string `pulumi:"issuerRef"`
	// ID of the key used by the issuer.
	KeyId string `pulumi:"keyId"`
	// Behavior of a leaf's NotAfter field during issuance.
	LeafNotAfterBehavior string `pulumi:"leafNotAfterBehavior"`
	// Chain of issuer references to build this issuer's computed
	// CAChain field from, when non-empty.
	ManualChains []string `pulumi:"manualChains"`
	Namespace    *string  `pulumi:"namespace"`
	// Allowed usages for this issuer.
	Usage string `pulumi:"usage"`
}

A collection of values returned by getBackendIssuer.

func GetBackendIssuer 

func GetBackendIssuer(ctx *pulumi.Context, args *GetBackendIssuerArgs, opts ...pulumi.InvokeOption) (*GetBackendIssuerResult, error)

## Example Usage

type GetBackendIssuerResultOutput 

type GetBackendIssuerResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendIssuer.

func GetBackendIssuerOutput 

func GetBackendIssuerOutput(ctx *pulumi.Context, args GetBackendIssuerOutputArgs, opts ...pulumi.InvokeOption) GetBackendIssuerResultOutput

func (GetBackendIssuerResultOutput) Backend 

func (o GetBackendIssuerResultOutput) Backend() pulumi.StringOutput

func (GetBackendIssuerResultOutput) CaChains 

func (o GetBackendIssuerResultOutput) CaChains() pulumi.StringArrayOutput

The CA chain as a list of format specific certificates.

func (GetBackendIssuerResultOutput) Certificate 

func (o GetBackendIssuerResultOutput) Certificate() pulumi.StringOutput

Certificate associated with this issuer.

func (GetBackendIssuerResultOutput) ElementType 

func (GetBackendIssuerResultOutput) ElementType() reflect.Type

func (GetBackendIssuerResultOutput) Id 

func (o GetBackendIssuerResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendIssuerResultOutput) IssuerId 

func (o GetBackendIssuerResultOutput) IssuerId() pulumi.StringOutput

ID of the issuer.

func (GetBackendIssuerResultOutput) IssuerName 

func (o GetBackendIssuerResultOutput) IssuerName() pulumi.StringOutput

Name of the issuer.

func (GetBackendIssuerResultOutput) IssuerRef 

func (o GetBackendIssuerResultOutput) IssuerRef() pulumi.StringOutput

func (GetBackendIssuerResultOutput) KeyId 

func (o GetBackendIssuerResultOutput) KeyId() pulumi.StringOutput

ID of the key used by the issuer.

func (GetBackendIssuerResultOutput) LeafNotAfterBehavior 

func (o GetBackendIssuerResultOutput) LeafNotAfterBehavior() pulumi.StringOutput

Behavior of a leaf's NotAfter field during issuance.

func (GetBackendIssuerResultOutput) ManualChains 

func (o GetBackendIssuerResultOutput) ManualChains() pulumi.StringArrayOutput

Chain of issuer references to build this issuer's computed CAChain field from, when non-empty.

func (GetBackendIssuerResultOutput) Namespace 

func (o GetBackendIssuerResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutput 

func (o GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutput() GetBackendIssuerResultOutput

func (GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutputWithContext 

func (o GetBackendIssuerResultOutput) ToGetBackendIssuerResultOutputWithContext(ctx context.Context) GetBackendIssuerResultOutput

func (GetBackendIssuerResultOutput) Usage 

func (o GetBackendIssuerResultOutput) Usage() pulumi.StringOutput

Allowed usages for this issuer.

type GetBackendIssuersArgs 

type GetBackendIssuersArgs struct {
	// The path to the PKI secret backend to
	// read the issuers from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuers.

type GetBackendIssuersOutputArgs 

type GetBackendIssuersOutputArgs struct {
	// The path to the PKI secret backend to
	// read the issuers from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendIssuers.

func (GetBackendIssuersOutputArgs) ElementType 

func (GetBackendIssuersOutputArgs) ElementType() reflect.Type

type GetBackendIssuersResult 

type GetBackendIssuersResult struct {
	Backend string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Map of issuer strings read from Vault.
	KeyInfo map[string]interface{} `pulumi:"keyInfo"`
	// JSON-encoded issuer data read from Vault.
	KeyInfoJson string `pulumi:"keyInfoJson"`
	// Keys used by issuers under the backend path.
	Keys      []string `pulumi:"keys"`
	Namespace *string  `pulumi:"namespace"`
}

A collection of values returned by getBackendIssuers.

func GetBackendIssuers 

func GetBackendIssuers(ctx *pulumi.Context, args *GetBackendIssuersArgs, opts ...pulumi.InvokeOption) (*GetBackendIssuersResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		root, err := pkiSecret.NewSecretBackendRootCert(ctx, "root", &pkiSecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("example"),
			Ttl:        pulumi.String("86400"),
			IssuerName: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		_ = pkiSecret.GetBackendIssuersOutput(ctx, pkisecret.GetBackendIssuersOutputArgs{
			Backend: root.Backend,
		}, nil)
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetBackendIssuersResultOutput 

type GetBackendIssuersResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendIssuers.

func GetBackendIssuersOutput 

func GetBackendIssuersOutput(ctx *pulumi.Context, args GetBackendIssuersOutputArgs, opts ...pulumi.InvokeOption) GetBackendIssuersResultOutput

func (GetBackendIssuersResultOutput) Backend 

func (o GetBackendIssuersResultOutput) Backend() pulumi.StringOutput

func (GetBackendIssuersResultOutput) ElementType 

func (GetBackendIssuersResultOutput) ElementType() reflect.Type

func (GetBackendIssuersResultOutput) Id 

func (o GetBackendIssuersResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendIssuersResultOutput) KeyInfo 

func (o GetBackendIssuersResultOutput) KeyInfo() pulumi.MapOutput

Map of issuer strings read from Vault.

func (GetBackendIssuersResultOutput) KeyInfoJson 

func (o GetBackendIssuersResultOutput) KeyInfoJson() pulumi.StringOutput

JSON-encoded issuer data read from Vault.

func (GetBackendIssuersResultOutput) Keys 

func (o GetBackendIssuersResultOutput) Keys() pulumi.StringArrayOutput

Keys used by issuers under the backend path.

func (GetBackendIssuersResultOutput) Namespace 

func (o GetBackendIssuersResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutput 

func (o GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutput() GetBackendIssuersResultOutput

func (GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutputWithContext 

func (o GetBackendIssuersResultOutput) ToGetBackendIssuersResultOutputWithContext(ctx context.Context) GetBackendIssuersResultOutput

type GetBackendKeyArgs 

type GetBackendKeyArgs struct {
	// The path to the PKI secret backend to
	// read the key from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// Reference to an existing key.
	KeyRef string `pulumi:"keyRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKey.

type GetBackendKeyOutputArgs 

type GetBackendKeyOutputArgs struct {
	// The path to the PKI secret backend to
	// read the key from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// Reference to an existing key.
	KeyRef pulumi.StringInput `pulumi:"keyRef"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKey.

func (GetBackendKeyOutputArgs) ElementType 

func (GetBackendKeyOutputArgs) ElementType() reflect.Type

type GetBackendKeyResult 

type GetBackendKeyResult struct {
	Backend string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// ID of the key.
	KeyId string `pulumi:"keyId"`
	// Name of the key.
	KeyName string `pulumi:"keyName"`
	KeyRef  string `pulumi:"keyRef"`
	// Type of the key.
	KeyType   string  `pulumi:"keyType"`
	Namespace *string `pulumi:"namespace"`
}

A collection of values returned by getBackendKey.

func GetBackendKey 

func GetBackendKey(ctx *pulumi.Context, args *GetBackendKeyArgs, opts ...pulumi.InvokeOption) (*GetBackendKeyResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		key, err := pkiSecret.NewSecretBackendKey(ctx, "key", &pkiSecret.SecretBackendKeyArgs{
			Backend: pki.Path,
			Type:    pulumi.String("internal"),
			KeyName: pulumi.String("example"),
			KeyType: pulumi.String("rsa"),
			KeyBits: pulumi.Int(4096),
		})
		if err != nil {
			return err
		}
		_ = key.KeyId.ApplyT(func(keyId string) (pkisecret.GetBackendKeyResult, error) {
			return pkiSecret.GetBackendKeyOutput(ctx, pkisecret.GetBackendKeyOutputArgs{
				Backend: vault_mount.Key.Path,
				KeyRef:  keyId,
			}, nil), nil
		}).(pkisecret.GetBackendKeyResultOutput)
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetBackendKeyResultOutput 

type GetBackendKeyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendKey.

func GetBackendKeyOutput 

func GetBackendKeyOutput(ctx *pulumi.Context, args GetBackendKeyOutputArgs, opts ...pulumi.InvokeOption) GetBackendKeyResultOutput

func (GetBackendKeyResultOutput) Backend 

func (o GetBackendKeyResultOutput) Backend() pulumi.StringOutput

func (GetBackendKeyResultOutput) ElementType 

func (GetBackendKeyResultOutput) ElementType() reflect.Type

func (GetBackendKeyResultOutput) Id 

func (o GetBackendKeyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendKeyResultOutput) KeyId 

func (o GetBackendKeyResultOutput) KeyId() pulumi.StringOutput

ID of the key.

func (GetBackendKeyResultOutput) KeyName 

func (o GetBackendKeyResultOutput) KeyName() pulumi.StringOutput

Name of the key.

func (GetBackendKeyResultOutput) KeyRef 

func (o GetBackendKeyResultOutput) KeyRef() pulumi.StringOutput

func (GetBackendKeyResultOutput) KeyType 

func (o GetBackendKeyResultOutput) KeyType() pulumi.StringOutput

Type of the key.

func (GetBackendKeyResultOutput) Namespace 

func (o GetBackendKeyResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendKeyResultOutput) ToGetBackendKeyResultOutput 

func (o GetBackendKeyResultOutput) ToGetBackendKeyResultOutput() GetBackendKeyResultOutput

func (GetBackendKeyResultOutput) ToGetBackendKeyResultOutputWithContext 

func (o GetBackendKeyResultOutput) ToGetBackendKeyResultOutputWithContext(ctx context.Context) GetBackendKeyResultOutput

type GetBackendKeysArgs 

type GetBackendKeysArgs struct {
	// The path to the PKI secret backend to
	// read the keys from, with no leading or trailing `/`s.
	Backend string `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace *string `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKeys.

type GetBackendKeysOutputArgs 

type GetBackendKeysOutputArgs struct {
	// The path to the PKI secret backend to
	// read the keys from, with no leading or trailing `/`s.
	Backend pulumi.StringInput `pulumi:"backend"`
	// The namespace of the target resource.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput `pulumi:"namespace"`
}

A collection of arguments for invoking getBackendKeys.

func (GetBackendKeysOutputArgs) ElementType 

func (GetBackendKeysOutputArgs) ElementType() reflect.Type

type GetBackendKeysResult 

type GetBackendKeysResult struct {
	Backend string `pulumi:"backend"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Map of key strings read from Vault.
	KeyInfo map[string]interface{} `pulumi:"keyInfo"`
	// JSON-encoded key data read from Vault.
	KeyInfoJson string `pulumi:"keyInfoJson"`
	// Keys used under the backend path.
	Keys      []string `pulumi:"keys"`
	Namespace *string  `pulumi:"namespace"`
}

A collection of values returned by getBackendKeys.

func GetBackendKeys 

func GetBackendKeys(ctx *pulumi.Context, args *GetBackendKeysArgs, opts ...pulumi.InvokeOption) (*GetBackendKeysResult, error)

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:        pulumi.String("pki"),
			Type:        pulumi.String("pki"),
			Description: pulumi.String("PKI secret engine mount"),
		})
		if err != nil {
			return err
		}
		root, err := pkiSecret.NewSecretBackendRootCert(ctx, "root", &pkiSecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("example"),
			Ttl:        pulumi.String("86400"),
			KeyName:    pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		_ = pkiSecret.GetBackendKeysOutput(ctx, pkisecret.GetBackendKeysOutputArgs{
			Backend: root.Backend,
		}, nil)
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetBackendKeysResultOutput 

type GetBackendKeysResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBackendKeys.

func GetBackendKeysOutput 

func GetBackendKeysOutput(ctx *pulumi.Context, args GetBackendKeysOutputArgs, opts ...pulumi.InvokeOption) GetBackendKeysResultOutput

func (GetBackendKeysResultOutput) Backend 

func (o GetBackendKeysResultOutput) Backend() pulumi.StringOutput

func (GetBackendKeysResultOutput) ElementType 

func (GetBackendKeysResultOutput) ElementType() reflect.Type

func (GetBackendKeysResultOutput) Id 

func (o GetBackendKeysResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBackendKeysResultOutput) KeyInfo 

func (o GetBackendKeysResultOutput) KeyInfo() pulumi.MapOutput

Map of key strings read from Vault.

func (GetBackendKeysResultOutput) KeyInfoJson 

func (o GetBackendKeysResultOutput) KeyInfoJson() pulumi.StringOutput

JSON-encoded key data read from Vault.

func (GetBackendKeysResultOutput) Keys 

func (o GetBackendKeysResultOutput) Keys() pulumi.StringArrayOutput

Keys used under the backend path.

func (GetBackendKeysResultOutput) Namespace 

func (o GetBackendKeysResultOutput) Namespace() pulumi.StringPtrOutput

func (GetBackendKeysResultOutput) ToGetBackendKeysResultOutput 

func (o GetBackendKeysResultOutput) ToGetBackendKeysResultOutput() GetBackendKeysResultOutput

func (GetBackendKeysResultOutput) ToGetBackendKeysResultOutputWithContext 

func (o GetBackendKeysResultOutput) ToGetBackendKeysResultOutputWithContext(ctx context.Context) GetBackendKeysResultOutput

type SecretBackendCert 

type SecretBackendCert struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrOutput `pulumi:"autoRenew"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The CA chain
	CaChain pulumi.StringOutput `pulumi:"caChain"`
	// The certificate
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// CN of certificate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntOutput `pulumi:"expiration"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// Specifies the default issuer of this request.
	IssuerRef pulumi.StringPtrOutput `pulumi:"issuerRef"`
	// The issuing CA
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrOutput `pulumi:"minSecondsRemaining"`
	// Name of the role to create the certificate against
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The private key
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The private key format
	PrivateKeyFormat pulumi.StringPtrOutput `pulumi:"privateKeyFormat"`
	// The private key type
	PrivateKeyType pulumi.StringOutput `pulumi:"privateKeyType"`
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolOutput `pulumi:"renewPending"`
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrOutput `pulumi:"revoke"`
	// The serial number
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
	// List of Subject User IDs
	UserIds pulumi.StringArrayOutput `pulumi:"userIds"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendCert(ctx, "app", &pkiSecret.SecretBackendCertArgs{
			Backend:    pulumi.Any(vault_mount.Intermediate.Path),
			CommonName: pulumi.String("app.my.domain"),
		}, pulumi.DependsOn([]pulumi.Resource{
			vault_pki_secret_backend_role.Admin,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendCert 

func GetSecretBackendCert(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendCertState, opts ...pulumi.ResourceOption) (*SecretBackendCert, error)

GetSecretBackendCert gets an existing SecretBackendCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendCert 

func NewSecretBackendCert(ctx *pulumi.Context,
	name string, args *SecretBackendCertArgs, opts ...pulumi.ResourceOption) (*SecretBackendCert, error)

NewSecretBackendCert registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendCert) ElementType 

func (*SecretBackendCert) ElementType() reflect.Type

func (*SecretBackendCert) ToSecretBackendCertOutput 

func (i *SecretBackendCert) ToSecretBackendCertOutput() SecretBackendCertOutput

func (*SecretBackendCert) ToSecretBackendCertOutputWithContext 

func (i *SecretBackendCert) ToSecretBackendCertOutputWithContext(ctx context.Context) SecretBackendCertOutput

type SecretBackendCertArgs 

type SecretBackendCertArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of certificate to create
	CommonName pulumi.StringInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request.
	IssuerRef pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// List of Subject User IDs
	UserIds pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendCert resource.

func (SecretBackendCertArgs) ElementType 

func (SecretBackendCertArgs) ElementType() reflect.Type

type SecretBackendCertArray 

type SecretBackendCertArray []SecretBackendCertInput

func (SecretBackendCertArray) ElementType 

func (SecretBackendCertArray) ElementType() reflect.Type

func (SecretBackendCertArray) ToSecretBackendCertArrayOutput 

func (i SecretBackendCertArray) ToSecretBackendCertArrayOutput() SecretBackendCertArrayOutput

func (SecretBackendCertArray) ToSecretBackendCertArrayOutputWithContext 

func (i SecretBackendCertArray) ToSecretBackendCertArrayOutputWithContext(ctx context.Context) SecretBackendCertArrayOutput

type SecretBackendCertArrayInput 

type SecretBackendCertArrayInput interface {
	pulumi.Input

	ToSecretBackendCertArrayOutput() SecretBackendCertArrayOutput
	ToSecretBackendCertArrayOutputWithContext(context.Context) SecretBackendCertArrayOutput
}

SecretBackendCertArrayInput is an input type that accepts SecretBackendCertArray and SecretBackendCertArrayOutput values. You can construct a concrete instance of `SecretBackendCertArrayInput` via: 

SecretBackendCertArray{ SecretBackendCertArgs{...} }

type SecretBackendCertArrayOutput 

type SecretBackendCertArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendCertArrayOutput) ElementType 

func (SecretBackendCertArrayOutput) ElementType() reflect.Type

func (SecretBackendCertArrayOutput) Index 

func (o SecretBackendCertArrayOutput) Index(i pulumi.IntInput) SecretBackendCertOutput

func (SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutput 

func (o SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutput() SecretBackendCertArrayOutput

func (SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutputWithContext 

func (o SecretBackendCertArrayOutput) ToSecretBackendCertArrayOutputWithContext(ctx context.Context) SecretBackendCertArrayOutput

type SecretBackendCertInput 

type SecretBackendCertInput interface {
	pulumi.Input

	ToSecretBackendCertOutput() SecretBackendCertOutput
	ToSecretBackendCertOutputWithContext(ctx context.Context) SecretBackendCertOutput
}

type SecretBackendCertMap 

type SecretBackendCertMap map[string]SecretBackendCertInput

func (SecretBackendCertMap) ElementType 

func (SecretBackendCertMap) ElementType() reflect.Type

func (SecretBackendCertMap) ToSecretBackendCertMapOutput 

func (i SecretBackendCertMap) ToSecretBackendCertMapOutput() SecretBackendCertMapOutput

func (SecretBackendCertMap) ToSecretBackendCertMapOutputWithContext 

func (i SecretBackendCertMap) ToSecretBackendCertMapOutputWithContext(ctx context.Context) SecretBackendCertMapOutput

type SecretBackendCertMapInput 

type SecretBackendCertMapInput interface {
	pulumi.Input

	ToSecretBackendCertMapOutput() SecretBackendCertMapOutput
	ToSecretBackendCertMapOutputWithContext(context.Context) SecretBackendCertMapOutput
}

SecretBackendCertMapInput is an input type that accepts SecretBackendCertMap and SecretBackendCertMapOutput values. You can construct a concrete instance of `SecretBackendCertMapInput` via: 

SecretBackendCertMap{ "key": SecretBackendCertArgs{...} }

type SecretBackendCertMapOutput 

type SecretBackendCertMapOutput struct{ *pulumi.OutputState }

func (SecretBackendCertMapOutput) ElementType 

func (SecretBackendCertMapOutput) ElementType() reflect.Type

func (SecretBackendCertMapOutput) MapIndex 

func (o SecretBackendCertMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCertOutput

func (SecretBackendCertMapOutput) ToSecretBackendCertMapOutput 

func (o SecretBackendCertMapOutput) ToSecretBackendCertMapOutput() SecretBackendCertMapOutput

func (SecretBackendCertMapOutput) ToSecretBackendCertMapOutputWithContext 

func (o SecretBackendCertMapOutput) ToSecretBackendCertMapOutputWithContext(ctx context.Context) SecretBackendCertMapOutput

type SecretBackendCertOutput 

type SecretBackendCertOutput struct{ *pulumi.OutputState }

func (SecretBackendCertOutput) AltNames 

func (o SecretBackendCertOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendCertOutput) AutoRenew 

func (o SecretBackendCertOutput) AutoRenew() pulumi.BoolPtrOutput

If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`

func (SecretBackendCertOutput) Backend 

func (o SecretBackendCertOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendCertOutput) CaChain 

func (o SecretBackendCertOutput) CaChain() pulumi.StringOutput

The CA chain

func (SecretBackendCertOutput) Certificate 

func (o SecretBackendCertOutput) Certificate() pulumi.StringOutput

The certificate

func (SecretBackendCertOutput) CommonName 

func (o SecretBackendCertOutput) CommonName() pulumi.StringOutput

CN of certificate to create

func (SecretBackendCertOutput) ElementType 

func (SecretBackendCertOutput) ElementType() reflect.Type

func (SecretBackendCertOutput) ExcludeCnFromSans 

func (o SecretBackendCertOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendCertOutput) Expiration 

func (o SecretBackendCertOutput) Expiration() pulumi.IntOutput

The expiration date of the certificate in unix epoch format

func (SecretBackendCertOutput) Format 

func (o SecretBackendCertOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendCertOutput) IpSans 

func (o SecretBackendCertOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendCertOutput) IssuerRef 

func (o SecretBackendCertOutput) IssuerRef() pulumi.StringPtrOutput

Specifies the default issuer of this request.

func (SecretBackendCertOutput) IssuingCa 

func (o SecretBackendCertOutput) IssuingCa() pulumi.StringOutput

The issuing CA

func (SecretBackendCertOutput) MinSecondsRemaining 

func (o SecretBackendCertOutput) MinSecondsRemaining() pulumi.IntPtrOutput

Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)

func (SecretBackendCertOutput) Name 

func (o SecretBackendCertOutput) Name() pulumi.StringOutput

Name of the role to create the certificate against

func (SecretBackendCertOutput) Namespace 

func (o SecretBackendCertOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendCertOutput) OtherSans 

func (o SecretBackendCertOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendCertOutput) PrivateKey 

func (o SecretBackendCertOutput) PrivateKey() pulumi.StringOutput

The private key

func (SecretBackendCertOutput) PrivateKeyFormat 

func (o SecretBackendCertOutput) PrivateKeyFormat() pulumi.StringPtrOutput

The private key format

func (SecretBackendCertOutput) PrivateKeyType 

func (o SecretBackendCertOutput) PrivateKeyType() pulumi.StringOutput

The private key type

func (SecretBackendCertOutput) RenewPending 

func (o SecretBackendCertOutput) RenewPending() pulumi.BoolOutput

`true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.

func (SecretBackendCertOutput) Revoke 

func (o SecretBackendCertOutput) Revoke() pulumi.BoolPtrOutput

If set to `true`, the certificate will be revoked on resource destruction.

func (SecretBackendCertOutput) SerialNumber 

func (o SecretBackendCertOutput) SerialNumber() pulumi.StringOutput

The serial number

func (SecretBackendCertOutput) ToSecretBackendCertOutput 

func (o SecretBackendCertOutput) ToSecretBackendCertOutput() SecretBackendCertOutput

func (SecretBackendCertOutput) ToSecretBackendCertOutputWithContext 

func (o SecretBackendCertOutput) ToSecretBackendCertOutputWithContext(ctx context.Context) SecretBackendCertOutput

func (SecretBackendCertOutput) Ttl 

func (o SecretBackendCertOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendCertOutput) UriSans 

func (o SecretBackendCertOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

func (SecretBackendCertOutput) UserIds 

func (o SecretBackendCertOutput) UserIds() pulumi.StringArrayOutput

List of Subject User IDs

type SecretBackendCertState 

type SecretBackendCertState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The CA chain
	CaChain pulumi.StringPtrInput
	// The certificate
	Certificate pulumi.StringPtrInput
	// CN of certificate to create
	CommonName pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request.
	IssuerRef pulumi.StringPtrInput
	// The issuing CA
	IssuingCa pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The private key
	PrivateKey pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The private key type
	PrivateKeyType pulumi.StringPtrInput
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// The serial number
	SerialNumber pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// List of Subject User IDs
	UserIds pulumi.StringArrayInput
}

func (SecretBackendCertState) ElementType 

func (SecretBackendCertState) ElementType() reflect.Type

type SecretBackendConfigCa 

type SecretBackendConfigCa struct {
	pulumi.CustomResourceState

	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The key and certificate PEM bundle
	PemBundle pulumi.StringOutput `pulumi:"pemBundle"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendConfigCa(ctx, "intermediate", &pkiSecret.SecretBackendConfigCaArgs{
			Backend: pulumi.Any(vault_mount.Intermediate.Path),
			PemBundle: pulumi.String(`-----BEGIN RSA PRIVATE KEY-----

MIIEowIBAAKCAQEAwvEHeJCXnFgi88rE1dTX6FHdBPK0wSjedh0ywVnCZxLWbBv/ 5PytjTcCPdrfW7g2sfbPwOge/WF3X2KeYSP8SxZA0czmz6QDspeG921JkZWtyp5o ++N0leLTIUAhq339p3O1onAOUO1k4sHfmCwfrDpTn2hcx4URa5Pzzb1fHigusjIH 1mcGdncaA6Z2CzO1w4E8kPOUukIDrcZT4faOZrWUIQZKQw2JzTyKJ+ZMDCZq2TFz WwpL3eG48wB7J7mibFQ/9nFvxpIflBjDAZ8QiqkwYr5N0DNsTxcfTCSeubfJDCUf IWwFZhLitzwOxazazUQKXX/SPMQ1l/L9o3nnHwIDAQABAoIBAAQidJQcDPsl62fc Txxx7TpiMhvewfKu2TkMGX18V+EzxxR364+BxHSQTB3fvIkHeTGBGJrw0WdyX8PI Ja/NwZYeHLXWcLbKtcFd8WDiEoNh91Oq1HMzOc/MBcpYv94RSAX7MEkHs2YIAvHE RufFV86hVhC1d/JLYjkz5CHi+Fd9XTYjBK78tHhJd4IJPu5LYvwlmzC1zeS7s1Tg QW1FQuVDV8tWa4PMTrQHwfaGqn95AKc+tbg+ubpCiWl5bBNI3Ghuh4sAC9dMdAkd w27i29O9/Y3XJSSGUZlZqDBP4YU388RgHpzLDUxgRcaQt9vdeEz6frULPW67e9D2 mPPDzjECgYEA4aPOwvnSwGoOKsS6vANGy4Ajsq09PR+1ltMJUR5kDlXGuZWI72eX 3/GAnovDuCp0tbYt0r7Fmkfel0Ore7SYM18TH5QGpPddcZLvKUf7AchCIOYY0Te3 pS9+7S1lEGrLXyuox4N26Ov6wHVrmZTcQoZsDWbjYxNNsNACsiQNjGMCgYEA3SvQ Jets9e9SgNVvao2TijX+/vcNKRfcWB71T9Xc4BuSNEu5+ZLtptlwaSnVCVu1Xilk sWDh+3EhByl4EteENPvE/7A2s1sfcDOprvg0r52aBZKeTp0AukrT8+Ad4hap7g1x 2Lz11MFDkhRqt2KqQaIL+5Mq5WfptbBJ0YI7ARUCgYAD6iSfK1hlsDFYupsGwgPL agi0g97pHZC38idaOe3AdeqBs79xb9mpr/XsSj52Bn6J3IRFALxK5e5Nr4XdGo/9 bCvXw2iuGgCMBOGTVMVdDY1gJr3Ne2r7Oay5Dq2PMFsg5pACDhzVA6sRBbh9LKD5 on1jaiKNyHrzk1hIoOl/QwKBgA+Ov2uLbfS2yvTpDpdOMiyss603r6NOXF+Ofe8J uinBhr1K/mAB59muveuH18Z6vv1KqByaFgtb39jjH+Eja9dWRns95/sh08pOuAbo yrv3uBfgQmaBQMXZ8aLcBv4aXgWyyGlYkWpP1fL2oLMZq6RGQ9WEeqX8c0ImjmrA YGopAoGBAJZPFlZi2Rfq4MfFZp/X1/zM09hphZwkxkSI+RnsjDUjTgB8CuQul5ep KWE98yLw4C25Cqw5fKKQ2addizLnZCAIfJKVNRjYLWlWyGQydDEUzqwXlSLS9LVX LxLkWDajIyjeFn21Ttb42L9pBo3TAQIxUenom/lP2SQTvCKBiPai -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIDazCCAlOgAwIBAgIUahce2sCO7Bom/Rznd5HsNAlr1NgwDQYJKoZIhvcNAQEL BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODEyMDIwMTAxNDRaFw00NjEy MTUwMTAxNDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDC8Qd4kJecWCLzysTV1NfoUd0E8rTBKN52HTLBWcJn EtZsG//k/K2NNwI92t9buDax9s/A6B79YXdfYp5hI/xLFkDRzObPpAOyl4b3bUmR la3Knmj743SV4tMhQCGrff2nc7WicA5Q7WTiwd+YLB+sOlOfaFzHhRFrk/PNvV8e KC6yMgfWZwZ2dxoDpnYLM7XDgTyQ85S6QgOtxlPh9o5mtZQhBkpDDYnNPIon5kwM JmrZMXNbCkvd4bjzAHsnuaJsVD/2cW/Gkh+UGMMBnxCKqTBivk3QM2xPFx9MJJ65 t8kMJR8hbAVmEuK3PA7FrNrNRApdf9I8xDWX8v2jeecfAgMBAAGjUzBRMB0GA1Ud DgQWBBQXGfrns8OqxTGKsXG5pDZS/WyyYDAfBgNVHSMEGDAWgBQXGfrns8OqxTGK sXG5pDZS/WyyYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCt 8aUX26cl2PgdIEByZSHAX5G+2b0IEtTclPkl4uDyyKRY4dVq6gK3ueVSU5eUmBip JbV5aRetovGOcV//8vbxkZm/ntQ8Oo+2sfGR5lIzd0UdlOr5pkD6g3bFy/zJ+4DR DAe8fklUacfz6CFmD+H8GyHm+fKmF+mjr4oOGQW6OegRDJHuiipUk2lJyuXdlPSa FpNRO2sGbjn000ANinFgnFiVzGDnx0/G1Kii/6GWrI6rrdVmXioQzF+8AloWckeB +hbmbwkwQa/JrLb5SWcBDOXSgtn1Li3XF5AQQBBjA3pOlyBXqnI94Irw89Lv9uPT MUR4qFxeUOW/GJGccMUd -----END CERTIFICATE----- `), 

		}, pulumi.DependsOn([]pulumi.Resource{
			vault_mount.Intermediate,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendConfigCa 

func GetSecretBackendConfigCa(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendConfigCaState, opts ...pulumi.ResourceOption) (*SecretBackendConfigCa, error)

GetSecretBackendConfigCa gets an existing SecretBackendConfigCa resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendConfigCa 

func NewSecretBackendConfigCa(ctx *pulumi.Context,
	name string, args *SecretBackendConfigCaArgs, opts ...pulumi.ResourceOption) (*SecretBackendConfigCa, error)

NewSecretBackendConfigCa registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendConfigCa) ElementType 

func (*SecretBackendConfigCa) ElementType() reflect.Type

func (*SecretBackendConfigCa) ToSecretBackendConfigCaOutput 

func (i *SecretBackendConfigCa) ToSecretBackendConfigCaOutput() SecretBackendConfigCaOutput

func (*SecretBackendConfigCa) ToSecretBackendConfigCaOutputWithContext 

func (i *SecretBackendConfigCa) ToSecretBackendConfigCaOutputWithContext(ctx context.Context) SecretBackendConfigCaOutput

type SecretBackendConfigCaArgs 

type SecretBackendConfigCaArgs struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The key and certificate PEM bundle
	PemBundle pulumi.StringInput
}

The set of arguments for constructing a SecretBackendConfigCa resource.

func (SecretBackendConfigCaArgs) ElementType 

func (SecretBackendConfigCaArgs) ElementType() reflect.Type

type SecretBackendConfigCaArray 

type SecretBackendConfigCaArray []SecretBackendConfigCaInput

func (SecretBackendConfigCaArray) ElementType 

func (SecretBackendConfigCaArray) ElementType() reflect.Type

func (SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutput 

func (i SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutput() SecretBackendConfigCaArrayOutput

func (SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutputWithContext 

func (i SecretBackendConfigCaArray) ToSecretBackendConfigCaArrayOutputWithContext(ctx context.Context) SecretBackendConfigCaArrayOutput

type SecretBackendConfigCaArrayInput 

type SecretBackendConfigCaArrayInput interface {
	pulumi.Input

	ToSecretBackendConfigCaArrayOutput() SecretBackendConfigCaArrayOutput
	ToSecretBackendConfigCaArrayOutputWithContext(context.Context) SecretBackendConfigCaArrayOutput
}

SecretBackendConfigCaArrayInput is an input type that accepts SecretBackendConfigCaArray and SecretBackendConfigCaArrayOutput values. You can construct a concrete instance of `SecretBackendConfigCaArrayInput` via: 

SecretBackendConfigCaArray{ SecretBackendConfigCaArgs{...} }

type SecretBackendConfigCaArrayOutput 

type SecretBackendConfigCaArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigCaArrayOutput) ElementType 

func (SecretBackendConfigCaArrayOutput) ElementType() reflect.Type

func (SecretBackendConfigCaArrayOutput) Index 

func (o SecretBackendConfigCaArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigCaOutput

func (SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutput 

func (o SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutput() SecretBackendConfigCaArrayOutput

func (SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutputWithContext 

func (o SecretBackendConfigCaArrayOutput) ToSecretBackendConfigCaArrayOutputWithContext(ctx context.Context) SecretBackendConfigCaArrayOutput

type SecretBackendConfigCaInput 

type SecretBackendConfigCaInput interface {
	pulumi.Input

	ToSecretBackendConfigCaOutput() SecretBackendConfigCaOutput
	ToSecretBackendConfigCaOutputWithContext(ctx context.Context) SecretBackendConfigCaOutput
}

type SecretBackendConfigCaMap 

type SecretBackendConfigCaMap map[string]SecretBackendConfigCaInput

func (SecretBackendConfigCaMap) ElementType 

func (SecretBackendConfigCaMap) ElementType() reflect.Type

func (SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutput 

func (i SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutput() SecretBackendConfigCaMapOutput

func (SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutputWithContext 

func (i SecretBackendConfigCaMap) ToSecretBackendConfigCaMapOutputWithContext(ctx context.Context) SecretBackendConfigCaMapOutput

type SecretBackendConfigCaMapInput 

type SecretBackendConfigCaMapInput interface {
	pulumi.Input

	ToSecretBackendConfigCaMapOutput() SecretBackendConfigCaMapOutput
	ToSecretBackendConfigCaMapOutputWithContext(context.Context) SecretBackendConfigCaMapOutput
}

SecretBackendConfigCaMapInput is an input type that accepts SecretBackendConfigCaMap and SecretBackendConfigCaMapOutput values. You can construct a concrete instance of `SecretBackendConfigCaMapInput` via: 

SecretBackendConfigCaMap{ "key": SecretBackendConfigCaArgs{...} }

type SecretBackendConfigCaMapOutput 

type SecretBackendConfigCaMapOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigCaMapOutput) ElementType 

func (SecretBackendConfigCaMapOutput) ElementType() reflect.Type

func (SecretBackendConfigCaMapOutput) MapIndex 

func (o SecretBackendConfigCaMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigCaOutput

func (SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutput 

func (o SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutput() SecretBackendConfigCaMapOutput

func (SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutputWithContext 

func (o SecretBackendConfigCaMapOutput) ToSecretBackendConfigCaMapOutputWithContext(ctx context.Context) SecretBackendConfigCaMapOutput

type SecretBackendConfigCaOutput 

type SecretBackendConfigCaOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigCaOutput) Backend 

func (o SecretBackendConfigCaOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendConfigCaOutput) ElementType 

func (SecretBackendConfigCaOutput) ElementType() reflect.Type

func (SecretBackendConfigCaOutput) Namespace 

func (o SecretBackendConfigCaOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendConfigCaOutput) PemBundle 

func (o SecretBackendConfigCaOutput) PemBundle() pulumi.StringOutput

The key and certificate PEM bundle

func (SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutput 

func (o SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutput() SecretBackendConfigCaOutput

func (SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutputWithContext 

func (o SecretBackendConfigCaOutput) ToSecretBackendConfigCaOutputWithContext(ctx context.Context) SecretBackendConfigCaOutput

type SecretBackendConfigCaState 

type SecretBackendConfigCaState struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The key and certificate PEM bundle
	PemBundle pulumi.StringPtrInput
}

func (SecretBackendConfigCaState) ElementType 

func (SecretBackendConfigCaState) ElementType() reflect.Type

type SecretBackendConfigIssuers 

type SecretBackendConfigIssuers struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the default issuer by ID.
	Default pulumi.StringPtrOutput `pulumi:"default"`
	// Specifies whether a root creation
	// or an issuer import operation updates the default issuer to the newly added issuer.
	DefaultFollowsLatestIssuer pulumi.BoolOutput `pulumi:"defaultFollowsLatestIssuer"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		root, err := pkiSecret.NewSecretBackendRootCert(ctx, "root", &pkiSecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("test"),
			Ttl:        pulumi.String("86400"),
		})
		if err != nil {
			return err
		}
		example, err := pkiSecret.NewSecretBackendIssuer(ctx, "example", &pkiSecret.SecretBackendIssuerArgs{
			Backend:    root.Backend,
			IssuerRef:  root.IssuerId,
			IssuerName: pulumi.String("example-issuer"),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewSecretBackendConfigIssuers(ctx, "config", &pkiSecret.SecretBackendConfigIssuersArgs{
			Backend:                    pki.Path,
			Default:                    example.IssuerId,
			DefaultFollowsLatestIssuer: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

PKI secret backend config issuers can be imported using the path, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendConfigIssuers:SecretBackendConfigIssuers config pki/config/issuers ```

func GetSecretBackendConfigIssuers 

func GetSecretBackendConfigIssuers(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendConfigIssuersState, opts ...pulumi.ResourceOption) (*SecretBackendConfigIssuers, error)

GetSecretBackendConfigIssuers gets an existing SecretBackendConfigIssuers resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendConfigIssuers 

func NewSecretBackendConfigIssuers(ctx *pulumi.Context,
	name string, args *SecretBackendConfigIssuersArgs, opts ...pulumi.ResourceOption) (*SecretBackendConfigIssuers, error)

NewSecretBackendConfigIssuers registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendConfigIssuers) ElementType 

func (*SecretBackendConfigIssuers) ElementType() reflect.Type

func (*SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutput 

func (i *SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutput() SecretBackendConfigIssuersOutput

func (*SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutputWithContext 

func (i *SecretBackendConfigIssuers) ToSecretBackendConfigIssuersOutputWithContext(ctx context.Context) SecretBackendConfigIssuersOutput

type SecretBackendConfigIssuersArgs 

type SecretBackendConfigIssuersArgs struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the default issuer by ID.
	Default pulumi.StringPtrInput
	// Specifies whether a root creation
	// or an issuer import operation updates the default issuer to the newly added issuer.
	DefaultFollowsLatestIssuer pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendConfigIssuers resource.

func (SecretBackendConfigIssuersArgs) ElementType 

func (SecretBackendConfigIssuersArgs) ElementType() reflect.Type

type SecretBackendConfigIssuersArray 

type SecretBackendConfigIssuersArray []SecretBackendConfigIssuersInput

func (SecretBackendConfigIssuersArray) ElementType 

func (SecretBackendConfigIssuersArray) ElementType() reflect.Type

func (SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutput 

func (i SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutput() SecretBackendConfigIssuersArrayOutput

func (SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutputWithContext 

func (i SecretBackendConfigIssuersArray) ToSecretBackendConfigIssuersArrayOutputWithContext(ctx context.Context) SecretBackendConfigIssuersArrayOutput

type SecretBackendConfigIssuersArrayInput 

type SecretBackendConfigIssuersArrayInput interface {
	pulumi.Input

	ToSecretBackendConfigIssuersArrayOutput() SecretBackendConfigIssuersArrayOutput
	ToSecretBackendConfigIssuersArrayOutputWithContext(context.Context) SecretBackendConfigIssuersArrayOutput
}

SecretBackendConfigIssuersArrayInput is an input type that accepts SecretBackendConfigIssuersArray and SecretBackendConfigIssuersArrayOutput values. You can construct a concrete instance of `SecretBackendConfigIssuersArrayInput` via: 

SecretBackendConfigIssuersArray{ SecretBackendConfigIssuersArgs{...} }

type SecretBackendConfigIssuersArrayOutput 

type SecretBackendConfigIssuersArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigIssuersArrayOutput) ElementType 

func (SecretBackendConfigIssuersArrayOutput) ElementType() reflect.Type

func (SecretBackendConfigIssuersArrayOutput) Index 

func (o SecretBackendConfigIssuersArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigIssuersOutput

func (SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutput 

func (o SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutput() SecretBackendConfigIssuersArrayOutput

func (SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutputWithContext 

func (o SecretBackendConfigIssuersArrayOutput) ToSecretBackendConfigIssuersArrayOutputWithContext(ctx context.Context) SecretBackendConfigIssuersArrayOutput

type SecretBackendConfigIssuersInput 

type SecretBackendConfigIssuersInput interface {
	pulumi.Input

	ToSecretBackendConfigIssuersOutput() SecretBackendConfigIssuersOutput
	ToSecretBackendConfigIssuersOutputWithContext(ctx context.Context) SecretBackendConfigIssuersOutput
}

type SecretBackendConfigIssuersMap 

type SecretBackendConfigIssuersMap map[string]SecretBackendConfigIssuersInput

func (SecretBackendConfigIssuersMap) ElementType 

func (SecretBackendConfigIssuersMap) ElementType() reflect.Type

func (SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutput 

func (i SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutput() SecretBackendConfigIssuersMapOutput

func (SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutputWithContext 

func (i SecretBackendConfigIssuersMap) ToSecretBackendConfigIssuersMapOutputWithContext(ctx context.Context) SecretBackendConfigIssuersMapOutput

type SecretBackendConfigIssuersMapInput 

type SecretBackendConfigIssuersMapInput interface {
	pulumi.Input

	ToSecretBackendConfigIssuersMapOutput() SecretBackendConfigIssuersMapOutput
	ToSecretBackendConfigIssuersMapOutputWithContext(context.Context) SecretBackendConfigIssuersMapOutput
}

SecretBackendConfigIssuersMapInput is an input type that accepts SecretBackendConfigIssuersMap and SecretBackendConfigIssuersMapOutput values. You can construct a concrete instance of `SecretBackendConfigIssuersMapInput` via: 

SecretBackendConfigIssuersMap{ "key": SecretBackendConfigIssuersArgs{...} }

type SecretBackendConfigIssuersMapOutput 

type SecretBackendConfigIssuersMapOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigIssuersMapOutput) ElementType 

func (SecretBackendConfigIssuersMapOutput) ElementType() reflect.Type

func (SecretBackendConfigIssuersMapOutput) MapIndex 

func (o SecretBackendConfigIssuersMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigIssuersOutput

func (SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutput 

func (o SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutput() SecretBackendConfigIssuersMapOutput

func (SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutputWithContext 

func (o SecretBackendConfigIssuersMapOutput) ToSecretBackendConfigIssuersMapOutputWithContext(ctx context.Context) SecretBackendConfigIssuersMapOutput

type SecretBackendConfigIssuersOutput 

type SecretBackendConfigIssuersOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigIssuersOutput) Backend 

func (o SecretBackendConfigIssuersOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendConfigIssuersOutput) Default 

func (o SecretBackendConfigIssuersOutput) Default() pulumi.StringPtrOutput

Specifies the default issuer by ID.

func (SecretBackendConfigIssuersOutput) DefaultFollowsLatestIssuer 

func (o SecretBackendConfigIssuersOutput) DefaultFollowsLatestIssuer() pulumi.BoolOutput

Specifies whether a root creation or an issuer import operation updates the default issuer to the newly added issuer.

func (SecretBackendConfigIssuersOutput) ElementType 

func (SecretBackendConfigIssuersOutput) ElementType() reflect.Type

func (SecretBackendConfigIssuersOutput) Namespace 

func (o SecretBackendConfigIssuersOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutput 

func (o SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutput() SecretBackendConfigIssuersOutput

func (SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutputWithContext 

func (o SecretBackendConfigIssuersOutput) ToSecretBackendConfigIssuersOutputWithContext(ctx context.Context) SecretBackendConfigIssuersOutput

type SecretBackendConfigIssuersState 

type SecretBackendConfigIssuersState struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the default issuer by ID.
	Default pulumi.StringPtrInput
	// Specifies whether a root creation
	// or an issuer import operation updates the default issuer to the newly added issuer.
	DefaultFollowsLatestIssuer pulumi.BoolPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (SecretBackendConfigIssuersState) ElementType 

func (SecretBackendConfigIssuersState) ElementType() reflect.Type

type SecretBackendConfigUrls 

type SecretBackendConfigUrls struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the URL values for the CRL Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayOutput `pulumi:"crlDistributionPoints"`
	// Specifies that templating of AIA fields is allowed.
	EnableTemplating pulumi.BoolPtrOutput `pulumi:"enableTemplating"`
	// Specifies the URL values for the Issuing Certificate field.
	IssuingCertificates pulumi.StringArrayOutput `pulumi:"issuingCertificates"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayOutput `pulumi:"ocspServers"`
}

Allows setting the issuing certificate endpoints, CRL distribution points, and OCSP server endpoints that will be encoded into issued certificates.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		root, err := vault.NewMount(ctx, "root", &vault.MountArgs{
			Path:                   pulumi.String("pki-root"),
			Type:                   pulumi.String("pki"),
			Description:            pulumi.String("root PKI"),
			DefaultLeaseTtlSeconds: pulumi.Int(8640000),
			MaxLeaseTtlSeconds:     pulumi.Int(8640000),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewSecretBackendConfigUrls(ctx, "example", &pkiSecret.SecretBackendConfigUrlsArgs{
			Backend: root.Path,
			IssuingCertificates: pulumi.StringArray{
				pulumi.String("http://127.0.0.1:8200/v1/pki/ca"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

The PKI config URLs can be imported using the resource's `id`. In the case of the example above the `id` would be `pki-root/config/urls`, where the `pki-root` component is the resource's `backend`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendConfigUrls:SecretBackendConfigUrls example pki-root/config/urls ```

func GetSecretBackendConfigUrls 

func GetSecretBackendConfigUrls(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendConfigUrlsState, opts ...pulumi.ResourceOption) (*SecretBackendConfigUrls, error)

GetSecretBackendConfigUrls gets an existing SecretBackendConfigUrls resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendConfigUrls 

func NewSecretBackendConfigUrls(ctx *pulumi.Context,
	name string, args *SecretBackendConfigUrlsArgs, opts ...pulumi.ResourceOption) (*SecretBackendConfigUrls, error)

NewSecretBackendConfigUrls registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendConfigUrls) ElementType 

func (*SecretBackendConfigUrls) ElementType() reflect.Type

func (*SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutput 

func (i *SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutput() SecretBackendConfigUrlsOutput

func (*SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutputWithContext 

func (i *SecretBackendConfigUrls) ToSecretBackendConfigUrlsOutputWithContext(ctx context.Context) SecretBackendConfigUrlsOutput

type SecretBackendConfigUrlsArgs 

type SecretBackendConfigUrlsArgs struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the URL values for the CRL Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that templating of AIA fields is allowed.
	EnableTemplating pulumi.BoolPtrInput
	// Specifies the URL values for the Issuing Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendConfigUrls resource.

func (SecretBackendConfigUrlsArgs) ElementType 

func (SecretBackendConfigUrlsArgs) ElementType() reflect.Type

type SecretBackendConfigUrlsArray 

type SecretBackendConfigUrlsArray []SecretBackendConfigUrlsInput

func (SecretBackendConfigUrlsArray) ElementType 

func (SecretBackendConfigUrlsArray) ElementType() reflect.Type

func (SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutput 

func (i SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutput() SecretBackendConfigUrlsArrayOutput

func (SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutputWithContext 

func (i SecretBackendConfigUrlsArray) ToSecretBackendConfigUrlsArrayOutputWithContext(ctx context.Context) SecretBackendConfigUrlsArrayOutput

type SecretBackendConfigUrlsArrayInput 

type SecretBackendConfigUrlsArrayInput interface {
	pulumi.Input

	ToSecretBackendConfigUrlsArrayOutput() SecretBackendConfigUrlsArrayOutput
	ToSecretBackendConfigUrlsArrayOutputWithContext(context.Context) SecretBackendConfigUrlsArrayOutput
}

SecretBackendConfigUrlsArrayInput is an input type that accepts SecretBackendConfigUrlsArray and SecretBackendConfigUrlsArrayOutput values. You can construct a concrete instance of `SecretBackendConfigUrlsArrayInput` via: 

SecretBackendConfigUrlsArray{ SecretBackendConfigUrlsArgs{...} }

type SecretBackendConfigUrlsArrayOutput 

type SecretBackendConfigUrlsArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigUrlsArrayOutput) ElementType 

func (SecretBackendConfigUrlsArrayOutput) ElementType() reflect.Type

func (SecretBackendConfigUrlsArrayOutput) Index 

func (o SecretBackendConfigUrlsArrayOutput) Index(i pulumi.IntInput) SecretBackendConfigUrlsOutput

func (SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutput 

func (o SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutput() SecretBackendConfigUrlsArrayOutput

func (SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutputWithContext 

func (o SecretBackendConfigUrlsArrayOutput) ToSecretBackendConfigUrlsArrayOutputWithContext(ctx context.Context) SecretBackendConfigUrlsArrayOutput

type SecretBackendConfigUrlsInput 

type SecretBackendConfigUrlsInput interface {
	pulumi.Input

	ToSecretBackendConfigUrlsOutput() SecretBackendConfigUrlsOutput
	ToSecretBackendConfigUrlsOutputWithContext(ctx context.Context) SecretBackendConfigUrlsOutput
}

type SecretBackendConfigUrlsMap 

type SecretBackendConfigUrlsMap map[string]SecretBackendConfigUrlsInput

func (SecretBackendConfigUrlsMap) ElementType 

func (SecretBackendConfigUrlsMap) ElementType() reflect.Type

func (SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutput 

func (i SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutput() SecretBackendConfigUrlsMapOutput

func (SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutputWithContext 

func (i SecretBackendConfigUrlsMap) ToSecretBackendConfigUrlsMapOutputWithContext(ctx context.Context) SecretBackendConfigUrlsMapOutput

type SecretBackendConfigUrlsMapInput 

type SecretBackendConfigUrlsMapInput interface {
	pulumi.Input

	ToSecretBackendConfigUrlsMapOutput() SecretBackendConfigUrlsMapOutput
	ToSecretBackendConfigUrlsMapOutputWithContext(context.Context) SecretBackendConfigUrlsMapOutput
}

SecretBackendConfigUrlsMapInput is an input type that accepts SecretBackendConfigUrlsMap and SecretBackendConfigUrlsMapOutput values. You can construct a concrete instance of `SecretBackendConfigUrlsMapInput` via: 

SecretBackendConfigUrlsMap{ "key": SecretBackendConfigUrlsArgs{...} }

type SecretBackendConfigUrlsMapOutput 

type SecretBackendConfigUrlsMapOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigUrlsMapOutput) ElementType 

func (SecretBackendConfigUrlsMapOutput) ElementType() reflect.Type

func (SecretBackendConfigUrlsMapOutput) MapIndex 

func (o SecretBackendConfigUrlsMapOutput) MapIndex(k pulumi.StringInput) SecretBackendConfigUrlsOutput

func (SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutput 

func (o SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutput() SecretBackendConfigUrlsMapOutput

func (SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutputWithContext 

func (o SecretBackendConfigUrlsMapOutput) ToSecretBackendConfigUrlsMapOutputWithContext(ctx context.Context) SecretBackendConfigUrlsMapOutput

type SecretBackendConfigUrlsOutput 

type SecretBackendConfigUrlsOutput struct{ *pulumi.OutputState }

func (SecretBackendConfigUrlsOutput) Backend 

func (o SecretBackendConfigUrlsOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendConfigUrlsOutput) CrlDistributionPoints 

func (o SecretBackendConfigUrlsOutput) CrlDistributionPoints() pulumi.StringArrayOutput

Specifies the URL values for the CRL Distribution Points field.

func (SecretBackendConfigUrlsOutput) ElementType 

func (SecretBackendConfigUrlsOutput) ElementType() reflect.Type

func (SecretBackendConfigUrlsOutput) EnableTemplating 

func (o SecretBackendConfigUrlsOutput) EnableTemplating() pulumi.BoolPtrOutput

Specifies that templating of AIA fields is allowed.

func (SecretBackendConfigUrlsOutput) IssuingCertificates 

func (o SecretBackendConfigUrlsOutput) IssuingCertificates() pulumi.StringArrayOutput

Specifies the URL values for the Issuing Certificate field.

func (SecretBackendConfigUrlsOutput) Namespace 

func (o SecretBackendConfigUrlsOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendConfigUrlsOutput) OcspServers 

func (o SecretBackendConfigUrlsOutput) OcspServers() pulumi.StringArrayOutput

Specifies the URL values for the OCSP Servers field.

func (SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutput 

func (o SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutput() SecretBackendConfigUrlsOutput

func (SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutputWithContext 

func (o SecretBackendConfigUrlsOutput) ToSecretBackendConfigUrlsOutputWithContext(ctx context.Context) SecretBackendConfigUrlsOutput

type SecretBackendConfigUrlsState 

type SecretBackendConfigUrlsState struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the URL values for the CRL Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that templating of AIA fields is allowed.
	EnableTemplating pulumi.BoolPtrInput
	// Specifies the URL values for the Issuing Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
}

func (SecretBackendConfigUrlsState) ElementType 

func (SecretBackendConfigUrlsState) ElementType() reflect.Type

type SecretBackendCrlConfig 

type SecretBackendCrlConfig struct {
	pulumi.CustomResourceState

	// Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
	AutoRebuild pulumi.BoolPtrOutput `pulumi:"autoRebuild"`
	// Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
	AutoRebuildGracePeriod pulumi.StringOutput `pulumi:"autoRebuildGracePeriod"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Enable cross-cluster revocation request queues. **Vault 1.13+**
	CrossClusterRevocation pulumi.BoolOutput `pulumi:"crossClusterRevocation"`
	// Interval to check for new revocations on, to regenerate the delta CRL.
	DeltaRebuildInterval pulumi.StringOutput `pulumi:"deltaRebuildInterval"`
	// Disables or enables CRL building.
	Disable pulumi.BoolPtrOutput `pulumi:"disable"`
	// Enables building of delta CRLs with up-to-date revocation information,
	// augmenting the last complete CRL.  **Vault 1.12+**
	EnableDelta pulumi.BoolPtrOutput `pulumi:"enableDelta"`
	// Specifies the time until expiration.
	Expiry pulumi.StringPtrOutput `pulumi:"expiry"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Disables the OCSP responder in Vault. **Vault 1.12+**
	OcspDisable pulumi.BoolPtrOutput `pulumi:"ocspDisable"`
	// The amount of time an OCSP response can be cached for, useful for OCSP stapling
	// refresh durations. **Vault 1.12+**
	OcspExpiry pulumi.StringOutput `pulumi:"ocspExpiry"`
	// Enables unified CRL and OCSP building. **Vault 1.13+**
	UnifiedCrl pulumi.BoolOutput `pulumi:"unifiedCrl"`
	// Enables serving the unified CRL and OCSP on the existing, previously
	// cluster-local paths. **Vault 1.13+**
	UnifiedCrlOnExistingPaths pulumi.BoolOutput `pulumi:"unifiedCrlOnExistingPaths"`
}

Allows setting the duration for which the generated CRL should be marked valid. If the CRL is disabled, it will return a signed but zero-length CRL for any request. If enabled, it will re-build the CRL.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("%s"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewSecretBackendCrlConfig(ctx, "crlConfig", &pkiSecret.SecretBackendCrlConfigArgs{
			Backend: pki.Path,
			Expiry:  pulumi.String("72h"),
			Disable: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendCrlConfig 

func GetSecretBackendCrlConfig(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendCrlConfigState, opts ...pulumi.ResourceOption) (*SecretBackendCrlConfig, error)

GetSecretBackendCrlConfig gets an existing SecretBackendCrlConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendCrlConfig 

func NewSecretBackendCrlConfig(ctx *pulumi.Context,
	name string, args *SecretBackendCrlConfigArgs, opts ...pulumi.ResourceOption) (*SecretBackendCrlConfig, error)

NewSecretBackendCrlConfig registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendCrlConfig) ElementType 

func (*SecretBackendCrlConfig) ElementType() reflect.Type

func (*SecretBackendCrlConfig) ToSecretBackendCrlConfigOutput 

func (i *SecretBackendCrlConfig) ToSecretBackendCrlConfigOutput() SecretBackendCrlConfigOutput

func (*SecretBackendCrlConfig) ToSecretBackendCrlConfigOutputWithContext 

func (i *SecretBackendCrlConfig) ToSecretBackendCrlConfigOutputWithContext(ctx context.Context) SecretBackendCrlConfigOutput

type SecretBackendCrlConfigArgs 

type SecretBackendCrlConfigArgs struct {
	// Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
	AutoRebuild pulumi.BoolPtrInput
	// Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
	AutoRebuildGracePeriod pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Enable cross-cluster revocation request queues. **Vault 1.13+**
	CrossClusterRevocation pulumi.BoolPtrInput
	// Interval to check for new revocations on, to regenerate the delta CRL.
	DeltaRebuildInterval pulumi.StringPtrInput
	// Disables or enables CRL building.
	Disable pulumi.BoolPtrInput
	// Enables building of delta CRLs with up-to-date revocation information,
	// augmenting the last complete CRL.  **Vault 1.12+**
	EnableDelta pulumi.BoolPtrInput
	// Specifies the time until expiration.
	Expiry pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Disables the OCSP responder in Vault. **Vault 1.12+**
	OcspDisable pulumi.BoolPtrInput
	// The amount of time an OCSP response can be cached for, useful for OCSP stapling
	// refresh durations. **Vault 1.12+**
	OcspExpiry pulumi.StringPtrInput
	// Enables unified CRL and OCSP building. **Vault 1.13+**
	UnifiedCrl pulumi.BoolPtrInput
	// Enables serving the unified CRL and OCSP on the existing, previously
	// cluster-local paths. **Vault 1.13+**
	UnifiedCrlOnExistingPaths pulumi.BoolPtrInput
}

The set of arguments for constructing a SecretBackendCrlConfig resource.

func (SecretBackendCrlConfigArgs) ElementType 

func (SecretBackendCrlConfigArgs) ElementType() reflect.Type

type SecretBackendCrlConfigArray 

type SecretBackendCrlConfigArray []SecretBackendCrlConfigInput

func (SecretBackendCrlConfigArray) ElementType 

func (SecretBackendCrlConfigArray) ElementType() reflect.Type

func (SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutput 

func (i SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutput() SecretBackendCrlConfigArrayOutput

func (SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutputWithContext 

func (i SecretBackendCrlConfigArray) ToSecretBackendCrlConfigArrayOutputWithContext(ctx context.Context) SecretBackendCrlConfigArrayOutput

type SecretBackendCrlConfigArrayInput 

type SecretBackendCrlConfigArrayInput interface {
	pulumi.Input

	ToSecretBackendCrlConfigArrayOutput() SecretBackendCrlConfigArrayOutput
	ToSecretBackendCrlConfigArrayOutputWithContext(context.Context) SecretBackendCrlConfigArrayOutput
}

SecretBackendCrlConfigArrayInput is an input type that accepts SecretBackendCrlConfigArray and SecretBackendCrlConfigArrayOutput values. You can construct a concrete instance of `SecretBackendCrlConfigArrayInput` via: 

SecretBackendCrlConfigArray{ SecretBackendCrlConfigArgs{...} }

type SecretBackendCrlConfigArrayOutput 

type SecretBackendCrlConfigArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendCrlConfigArrayOutput) ElementType 

func (SecretBackendCrlConfigArrayOutput) ElementType() reflect.Type

func (SecretBackendCrlConfigArrayOutput) Index 

func (o SecretBackendCrlConfigArrayOutput) Index(i pulumi.IntInput) SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutput 

func (o SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutput() SecretBackendCrlConfigArrayOutput

func (SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutputWithContext 

func (o SecretBackendCrlConfigArrayOutput) ToSecretBackendCrlConfigArrayOutputWithContext(ctx context.Context) SecretBackendCrlConfigArrayOutput

type SecretBackendCrlConfigInput 

type SecretBackendCrlConfigInput interface {
	pulumi.Input

	ToSecretBackendCrlConfigOutput() SecretBackendCrlConfigOutput
	ToSecretBackendCrlConfigOutputWithContext(ctx context.Context) SecretBackendCrlConfigOutput
}

type SecretBackendCrlConfigMap 

type SecretBackendCrlConfigMap map[string]SecretBackendCrlConfigInput

func (SecretBackendCrlConfigMap) ElementType 

func (SecretBackendCrlConfigMap) ElementType() reflect.Type

func (SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutput 

func (i SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutput() SecretBackendCrlConfigMapOutput

func (SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutputWithContext 

func (i SecretBackendCrlConfigMap) ToSecretBackendCrlConfigMapOutputWithContext(ctx context.Context) SecretBackendCrlConfigMapOutput

type SecretBackendCrlConfigMapInput 

type SecretBackendCrlConfigMapInput interface {
	pulumi.Input

	ToSecretBackendCrlConfigMapOutput() SecretBackendCrlConfigMapOutput
	ToSecretBackendCrlConfigMapOutputWithContext(context.Context) SecretBackendCrlConfigMapOutput
}

SecretBackendCrlConfigMapInput is an input type that accepts SecretBackendCrlConfigMap and SecretBackendCrlConfigMapOutput values. You can construct a concrete instance of `SecretBackendCrlConfigMapInput` via: 

SecretBackendCrlConfigMap{ "key": SecretBackendCrlConfigArgs{...} }

type SecretBackendCrlConfigMapOutput 

type SecretBackendCrlConfigMapOutput struct{ *pulumi.OutputState }

func (SecretBackendCrlConfigMapOutput) ElementType 

func (SecretBackendCrlConfigMapOutput) ElementType() reflect.Type

func (SecretBackendCrlConfigMapOutput) MapIndex 

func (o SecretBackendCrlConfigMapOutput) MapIndex(k pulumi.StringInput) SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutput 

func (o SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutput() SecretBackendCrlConfigMapOutput

func (SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutputWithContext 

func (o SecretBackendCrlConfigMapOutput) ToSecretBackendCrlConfigMapOutputWithContext(ctx context.Context) SecretBackendCrlConfigMapOutput

type SecretBackendCrlConfigOutput 

type SecretBackendCrlConfigOutput struct{ *pulumi.OutputState }

func (SecretBackendCrlConfigOutput) AutoRebuild 

func (o SecretBackendCrlConfigOutput) AutoRebuild() pulumi.BoolPtrOutput

Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) AutoRebuildGracePeriod 

func (o SecretBackendCrlConfigOutput) AutoRebuildGracePeriod() pulumi.StringOutput

Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) Backend 

func (o SecretBackendCrlConfigOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendCrlConfigOutput) CrossClusterRevocation 

func (o SecretBackendCrlConfigOutput) CrossClusterRevocation() pulumi.BoolOutput

Enable cross-cluster revocation request queues. **Vault 1.13+**

func (SecretBackendCrlConfigOutput) DeltaRebuildInterval 

func (o SecretBackendCrlConfigOutput) DeltaRebuildInterval() pulumi.StringOutput

Interval to check for new revocations on, to regenerate the delta CRL.

func (SecretBackendCrlConfigOutput) Disable 

func (o SecretBackendCrlConfigOutput) Disable() pulumi.BoolPtrOutput

Disables or enables CRL building.

func (SecretBackendCrlConfigOutput) ElementType 

func (SecretBackendCrlConfigOutput) ElementType() reflect.Type

func (SecretBackendCrlConfigOutput) EnableDelta 

func (o SecretBackendCrlConfigOutput) EnableDelta() pulumi.BoolPtrOutput

Enables building of delta CRLs with up-to-date revocation information, augmenting the last complete CRL. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) Expiry 

func (o SecretBackendCrlConfigOutput) Expiry() pulumi.StringPtrOutput

Specifies the time until expiration.

func (SecretBackendCrlConfigOutput) Namespace 

func (o SecretBackendCrlConfigOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendCrlConfigOutput) OcspDisable 

func (o SecretBackendCrlConfigOutput) OcspDisable() pulumi.BoolPtrOutput

Disables the OCSP responder in Vault. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) OcspExpiry 

func (o SecretBackendCrlConfigOutput) OcspExpiry() pulumi.StringOutput

The amount of time an OCSP response can be cached for, useful for OCSP stapling refresh durations. **Vault 1.12+**

func (SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutput 

func (o SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutput() SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutputWithContext 

func (o SecretBackendCrlConfigOutput) ToSecretBackendCrlConfigOutputWithContext(ctx context.Context) SecretBackendCrlConfigOutput

func (SecretBackendCrlConfigOutput) UnifiedCrl 

func (o SecretBackendCrlConfigOutput) UnifiedCrl() pulumi.BoolOutput

Enables unified CRL and OCSP building. **Vault 1.13+**

func (SecretBackendCrlConfigOutput) UnifiedCrlOnExistingPaths 

func (o SecretBackendCrlConfigOutput) UnifiedCrlOnExistingPaths() pulumi.BoolOutput

Enables serving the unified CRL and OCSP on the existing, previously cluster-local paths. **Vault 1.13+**

type SecretBackendCrlConfigState 

type SecretBackendCrlConfigState struct {
	// Enables periodic rebuilding of the CRL upon expiry. **Vault 1.12+**
	AutoRebuild pulumi.BoolPtrInput
	// Grace period before CRL expiry to attempt rebuild of CRL. **Vault 1.12+**
	AutoRebuildGracePeriod pulumi.StringPtrInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Enable cross-cluster revocation request queues. **Vault 1.13+**
	CrossClusterRevocation pulumi.BoolPtrInput
	// Interval to check for new revocations on, to regenerate the delta CRL.
	DeltaRebuildInterval pulumi.StringPtrInput
	// Disables or enables CRL building.
	Disable pulumi.BoolPtrInput
	// Enables building of delta CRLs with up-to-date revocation information,
	// augmenting the last complete CRL.  **Vault 1.12+**
	EnableDelta pulumi.BoolPtrInput
	// Specifies the time until expiration.
	Expiry pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Disables the OCSP responder in Vault. **Vault 1.12+**
	OcspDisable pulumi.BoolPtrInput
	// The amount of time an OCSP response can be cached for, useful for OCSP stapling
	// refresh durations. **Vault 1.12+**
	OcspExpiry pulumi.StringPtrInput
	// Enables unified CRL and OCSP building. **Vault 1.13+**
	UnifiedCrl pulumi.BoolPtrInput
	// Enables serving the unified CRL and OCSP on the existing, previously
	// cluster-local paths. **Vault 1.13+**
	UnifiedCrlOnExistingPaths pulumi.BoolPtrInput
}

func (SecretBackendCrlConfigState) ElementType 

func (SecretBackendCrlConfigState) ElementType() reflect.Type

type SecretBackendIntermediateCertRequest 

type SecretBackendIntermediateCertRequest struct {
	pulumi.CustomResourceState

	// Adds a Basic Constraints extension with 'CA: true'.
	// Only needed as a workaround in some compatibility scenarios with Active Directory
	// Certificate Services
	AddBasicConstraints pulumi.BoolPtrOutput `pulumi:"addBasicConstraints"`
	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// CN of intermediate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The country
	Country pulumi.StringPtrOutput `pulumi:"country"`
	// The CSR
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// The number of bits to use
	KeyBits pulumi.IntPtrOutput `pulumi:"keyBits"`
	// The ID of the generated key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringOutput `pulumi:"keyName"`
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringOutput `pulumi:"keyRef"`
	// The desired key type
	KeyType pulumi.StringPtrOutput `pulumi:"keyType"`
	// The locality
	Locality pulumi.StringPtrOutput `pulumi:"locality"`
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrOutput `pulumi:"managedKeyId"`
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrOutput `pulumi:"managedKeyName"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The organization
	Organization pulumi.StringPtrOutput `pulumi:"organization"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The organization unit
	Ou pulumi.StringPtrOutput `pulumi:"ou"`
	// The postal code
	PostalCode pulumi.StringPtrOutput `pulumi:"postalCode"`
	// The private key
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// The private key format
	PrivateKeyFormat pulumi.StringPtrOutput `pulumi:"privateKeyFormat"`
	// The private key type
	PrivateKeyType pulumi.StringOutput `pulumi:"privateKeyType"`
	// The province
	Province pulumi.StringPtrOutput `pulumi:"province"`
	// The street address
	StreetAddress pulumi.StringPtrOutput `pulumi:"streetAddress"`
	// Type of intermediate to create. Must be either \"exported\" or \"internal\"
	// or \"kms\"
	Type pulumi.StringOutput `pulumi:"type"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendIntermediateCertRequest(ctx, "test", &pkiSecret.SecretBackendIntermediateCertRequestArgs{
			Backend:    pulumi.Any(vault_mount.Pki.Path),
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("app.my.domain"),
		}, pulumi.DependsOn([]pulumi.Resource{
			vault_mount.Pki,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendIntermediateCertRequest 

func GetSecretBackendIntermediateCertRequest(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendIntermediateCertRequestState, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateCertRequest, error)

GetSecretBackendIntermediateCertRequest gets an existing SecretBackendIntermediateCertRequest resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendIntermediateCertRequest 

func NewSecretBackendIntermediateCertRequest(ctx *pulumi.Context,
	name string, args *SecretBackendIntermediateCertRequestArgs, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateCertRequest, error)

NewSecretBackendIntermediateCertRequest registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendIntermediateCertRequest) ElementType 

func (*SecretBackendIntermediateCertRequest) ElementType() reflect.Type

func (*SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutput 

func (i *SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutput() SecretBackendIntermediateCertRequestOutput

func (*SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutputWithContext 

func (i *SecretBackendIntermediateCertRequest) ToSecretBackendIntermediateCertRequestOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestOutput

type SecretBackendIntermediateCertRequestArgs 

type SecretBackendIntermediateCertRequestArgs struct {
	// Adds a Basic Constraints extension with 'CA: true'.
	// Only needed as a workaround in some compatibility scenarios with Active Directory
	// Certificate Services
	AddBasicConstraints pulumi.BoolPtrInput
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of intermediate to create
	CommonName pulumi.StringInput
	// The country
	Country pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\" or \"internal\"
	// or \"kms\"
	Type pulumi.StringInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendIntermediateCertRequest resource.

func (SecretBackendIntermediateCertRequestArgs) ElementType 

func (SecretBackendIntermediateCertRequestArgs) ElementType() reflect.Type

type SecretBackendIntermediateCertRequestArray 

type SecretBackendIntermediateCertRequestArray []SecretBackendIntermediateCertRequestInput

func (SecretBackendIntermediateCertRequestArray) ElementType 

func (SecretBackendIntermediateCertRequestArray) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutput 

func (i SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutput() SecretBackendIntermediateCertRequestArrayOutput

func (SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutputWithContext 

func (i SecretBackendIntermediateCertRequestArray) ToSecretBackendIntermediateCertRequestArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestArrayOutput

type SecretBackendIntermediateCertRequestArrayInput 

type SecretBackendIntermediateCertRequestArrayInput interface {
	pulumi.Input

	ToSecretBackendIntermediateCertRequestArrayOutput() SecretBackendIntermediateCertRequestArrayOutput
	ToSecretBackendIntermediateCertRequestArrayOutputWithContext(context.Context) SecretBackendIntermediateCertRequestArrayOutput
}

SecretBackendIntermediateCertRequestArrayInput is an input type that accepts SecretBackendIntermediateCertRequestArray and SecretBackendIntermediateCertRequestArrayOutput values. You can construct a concrete instance of `SecretBackendIntermediateCertRequestArrayInput` via: 

SecretBackendIntermediateCertRequestArray{ SecretBackendIntermediateCertRequestArgs{...} }

type SecretBackendIntermediateCertRequestArrayOutput 

type SecretBackendIntermediateCertRequestArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateCertRequestArrayOutput) ElementType 

func (SecretBackendIntermediateCertRequestArrayOutput) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestArrayOutput) Index 

func (o SecretBackendIntermediateCertRequestArrayOutput) Index(i pulumi.IntInput) SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutput 

func (o SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutput() SecretBackendIntermediateCertRequestArrayOutput

func (SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutputWithContext 

func (o SecretBackendIntermediateCertRequestArrayOutput) ToSecretBackendIntermediateCertRequestArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestArrayOutput

type SecretBackendIntermediateCertRequestInput 

type SecretBackendIntermediateCertRequestInput interface {
	pulumi.Input

	ToSecretBackendIntermediateCertRequestOutput() SecretBackendIntermediateCertRequestOutput
	ToSecretBackendIntermediateCertRequestOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestOutput
}

type SecretBackendIntermediateCertRequestMap 

type SecretBackendIntermediateCertRequestMap map[string]SecretBackendIntermediateCertRequestInput

func (SecretBackendIntermediateCertRequestMap) ElementType 

func (SecretBackendIntermediateCertRequestMap) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutput 

func (i SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutput() SecretBackendIntermediateCertRequestMapOutput

func (SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutputWithContext 

func (i SecretBackendIntermediateCertRequestMap) ToSecretBackendIntermediateCertRequestMapOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestMapOutput

type SecretBackendIntermediateCertRequestMapInput 

type SecretBackendIntermediateCertRequestMapInput interface {
	pulumi.Input

	ToSecretBackendIntermediateCertRequestMapOutput() SecretBackendIntermediateCertRequestMapOutput
	ToSecretBackendIntermediateCertRequestMapOutputWithContext(context.Context) SecretBackendIntermediateCertRequestMapOutput
}

SecretBackendIntermediateCertRequestMapInput is an input type that accepts SecretBackendIntermediateCertRequestMap and SecretBackendIntermediateCertRequestMapOutput values. You can construct a concrete instance of `SecretBackendIntermediateCertRequestMapInput` via: 

SecretBackendIntermediateCertRequestMap{ "key": SecretBackendIntermediateCertRequestArgs{...} }

type SecretBackendIntermediateCertRequestMapOutput 

type SecretBackendIntermediateCertRequestMapOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateCertRequestMapOutput) ElementType 

func (SecretBackendIntermediateCertRequestMapOutput) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestMapOutput) MapIndex 

func (o SecretBackendIntermediateCertRequestMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutput 

func (o SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutput() SecretBackendIntermediateCertRequestMapOutput

func (SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutputWithContext 

func (o SecretBackendIntermediateCertRequestMapOutput) ToSecretBackendIntermediateCertRequestMapOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestMapOutput

type SecretBackendIntermediateCertRequestOutput 

type SecretBackendIntermediateCertRequestOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateCertRequestOutput) AddBasicConstraints 

func (o SecretBackendIntermediateCertRequestOutput) AddBasicConstraints() pulumi.BoolPtrOutput

Adds a Basic Constraints extension with 'CA: true'. Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services

func (SecretBackendIntermediateCertRequestOutput) AltNames 

func (o SecretBackendIntermediateCertRequestOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendIntermediateCertRequestOutput) Backend 

func (o SecretBackendIntermediateCertRequestOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendIntermediateCertRequestOutput) CommonName 

func (o SecretBackendIntermediateCertRequestOutput) CommonName() pulumi.StringOutput

CN of intermediate to create

func (SecretBackendIntermediateCertRequestOutput) Country 

func (o SecretBackendIntermediateCertRequestOutput) Country() pulumi.StringPtrOutput

The country

func (SecretBackendIntermediateCertRequestOutput) Csr 

func (o SecretBackendIntermediateCertRequestOutput) Csr() pulumi.StringOutput

The CSR

func (SecretBackendIntermediateCertRequestOutput) ElementType 

func (SecretBackendIntermediateCertRequestOutput) ElementType() reflect.Type

func (SecretBackendIntermediateCertRequestOutput) ExcludeCnFromSans 

func (o SecretBackendIntermediateCertRequestOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendIntermediateCertRequestOutput) Format 

func (o SecretBackendIntermediateCertRequestOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendIntermediateCertRequestOutput) IpSans 

func (o SecretBackendIntermediateCertRequestOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendIntermediateCertRequestOutput) KeyBits 

func (o SecretBackendIntermediateCertRequestOutput) KeyBits() pulumi.IntPtrOutput

The number of bits to use

func (SecretBackendIntermediateCertRequestOutput) KeyId 

func (o SecretBackendIntermediateCertRequestOutput) KeyId() pulumi.StringOutput

The ID of the generated key.

func (SecretBackendIntermediateCertRequestOutput) KeyName 

func (o SecretBackendIntermediateCertRequestOutput) KeyName() pulumi.StringOutput

When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name.

func (SecretBackendIntermediateCertRequestOutput) KeyRef 

func (o SecretBackendIntermediateCertRequestOutput) KeyRef() pulumi.StringOutput

Specifies the key (either default, by name, or by identifier) to use for generating this request. Only suitable for `type=existing` requests.

func (SecretBackendIntermediateCertRequestOutput) KeyType 

func (o SecretBackendIntermediateCertRequestOutput) KeyType() pulumi.StringPtrOutput

The desired key type

func (SecretBackendIntermediateCertRequestOutput) Locality 

func (o SecretBackendIntermediateCertRequestOutput) Locality() pulumi.StringPtrOutput

The locality

func (SecretBackendIntermediateCertRequestOutput) ManagedKeyId 

func (o SecretBackendIntermediateCertRequestOutput) ManagedKeyId() pulumi.StringPtrOutput

The ID of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyName`

func (SecretBackendIntermediateCertRequestOutput) ManagedKeyName 

func (o SecretBackendIntermediateCertRequestOutput) ManagedKeyName() pulumi.StringPtrOutput

The name of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyId`

func (SecretBackendIntermediateCertRequestOutput) Namespace 

func (o SecretBackendIntermediateCertRequestOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendIntermediateCertRequestOutput) Organization 

func (o SecretBackendIntermediateCertRequestOutput) Organization() pulumi.StringPtrOutput

The organization

func (SecretBackendIntermediateCertRequestOutput) OtherSans 

func (o SecretBackendIntermediateCertRequestOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendIntermediateCertRequestOutput) Ou 

func (o SecretBackendIntermediateCertRequestOutput) Ou() pulumi.StringPtrOutput

The organization unit

func (SecretBackendIntermediateCertRequestOutput) PostalCode 

func (o SecretBackendIntermediateCertRequestOutput) PostalCode() pulumi.StringPtrOutput

The postal code

func (SecretBackendIntermediateCertRequestOutput) PrivateKey 

func (o SecretBackendIntermediateCertRequestOutput) PrivateKey() pulumi.StringOutput

The private key

func (SecretBackendIntermediateCertRequestOutput) PrivateKeyFormat 

func (o SecretBackendIntermediateCertRequestOutput) PrivateKeyFormat() pulumi.StringPtrOutput

The private key format

func (SecretBackendIntermediateCertRequestOutput) PrivateKeyType 

func (o SecretBackendIntermediateCertRequestOutput) PrivateKeyType() pulumi.StringOutput

The private key type

func (SecretBackendIntermediateCertRequestOutput) Province 

func (o SecretBackendIntermediateCertRequestOutput) Province() pulumi.StringPtrOutput

The province

func (SecretBackendIntermediateCertRequestOutput) StreetAddress 

func (o SecretBackendIntermediateCertRequestOutput) StreetAddress() pulumi.StringPtrOutput

The street address

func (SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutput 

func (o SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutput() SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutputWithContext 

func (o SecretBackendIntermediateCertRequestOutput) ToSecretBackendIntermediateCertRequestOutputWithContext(ctx context.Context) SecretBackendIntermediateCertRequestOutput

func (SecretBackendIntermediateCertRequestOutput) Type 

func (o SecretBackendIntermediateCertRequestOutput) Type() pulumi.StringOutput

Type of intermediate to create. Must be either \"exported\" or \"internal\" or \"kms\"

func (SecretBackendIntermediateCertRequestOutput) UriSans 

func (o SecretBackendIntermediateCertRequestOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

type SecretBackendIntermediateCertRequestState 

type SecretBackendIntermediateCertRequestState struct {
	// Adds a Basic Constraints extension with 'CA: true'.
	// Only needed as a workaround in some compatibility scenarios with Active Directory
	// Certificate Services
	AddBasicConstraints pulumi.BoolPtrInput
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// CN of intermediate to create
	CommonName pulumi.StringPtrInput
	// The country
	Country pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// The ID of the generated key.
	KeyId pulumi.StringPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key
	PrivateKey pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The private key type
	PrivateKeyType pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\" or \"internal\"
	// or \"kms\"
	Type pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

func (SecretBackendIntermediateCertRequestState) ElementType 

func (SecretBackendIntermediateCertRequestState) ElementType() reflect.Type

type SecretBackendIntermediateSetSigned 

type SecretBackendIntermediateSetSigned struct {
	pulumi.CustomResourceState

	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the PEM encoded certificate. May optionally append additional
	// CA certificates to populate the whole chain, which will then enable returning the full chain from
	// issue and sign operations.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// The imported issuers indicating which issuers were created as part of
	// this request.
	ImportedIssuers pulumi.StringArrayOutput `pulumi:"importedIssuers"`
	// The imported keys indicating which keys were created as part of this request.
	ImportedKeys pulumi.StringArrayOutput `pulumi:"importedKeys"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		root, err := vault.NewMount(ctx, "root", &vault.MountArgs{
			Path:                   pulumi.String("pki-root"),
			Type:                   pulumi.String("pki"),
			Description:            pulumi.String("root"),
			DefaultLeaseTtlSeconds: pulumi.Int(8640000),
			MaxLeaseTtlSeconds:     pulumi.Int(8640000),
		})
		if err != nil {
			return err
		}
		intermediate, err := vault.NewMount(ctx, "intermediate", &vault.MountArgs{
			Path:                   pulumi.String("pki-int"),
			Type:                   root.Type,
			Description:            pulumi.String("intermediate"),
			DefaultLeaseTtlSeconds: pulumi.Int(86400),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		exampleSecretBackendRootCert, err := pkiSecret.NewSecretBackendRootCert(ctx, "exampleSecretBackendRootCert", &pkiSecret.SecretBackendRootCertArgs{
			Backend:           root.Path,
			Type:              pulumi.String("internal"),
			CommonName:        pulumi.String("RootOrg Root CA"),
			Ttl:               pulumi.String("86400"),
			Format:            pulumi.String("pem"),
			PrivateKeyFormat:  pulumi.String("der"),
			KeyType:           pulumi.String("rsa"),
			KeyBits:           pulumi.Int(4096),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("Organizational Unit"),
			Organization:      pulumi.String("RootOrg"),
			Country:           pulumi.String("US"),
			Locality:          pulumi.String("San Francisco"),
			Province:          pulumi.String("CA"),
		})
		if err != nil {
			return err
		}
		exampleSecretBackendIntermediateCertRequest, err := pkiSecret.NewSecretBackendIntermediateCertRequest(ctx, "exampleSecretBackendIntermediateCertRequest", &pkiSecret.SecretBackendIntermediateCertRequestArgs{
			Backend:    intermediate.Path,
			Type:       exampleSecretBackendRootCert.Type,
			CommonName: pulumi.String("SubOrg Intermediate CA"),
		})
		if err != nil {
			return err
		}
		exampleSecretBackendRootSignIntermediate, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, "exampleSecretBackendRootSignIntermediate", &pkiSecret.SecretBackendRootSignIntermediateArgs{
			Backend:           root.Path,
			Csr:               exampleSecretBackendIntermediateCertRequest.Csr,
			CommonName:        pulumi.String("SubOrg Intermediate CA"),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("SubUnit"),
			Organization:      pulumi.String("SubOrg"),
			Country:           pulumi.String("US"),
			Locality:          pulumi.String("San Francisco"),
			Province:          pulumi.String("CA"),
			Revoke:            pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewSecretBackendIntermediateSetSigned(ctx, "exampleSecretBackendIntermediateSetSigned", &pkiSecret.SecretBackendIntermediateSetSignedArgs{
			Backend:     intermediate.Path,
			Certificate: exampleSecretBackendRootSignIntermediate.Certificate,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendIntermediateSetSigned 

func GetSecretBackendIntermediateSetSigned(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendIntermediateSetSignedState, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateSetSigned, error)

GetSecretBackendIntermediateSetSigned gets an existing SecretBackendIntermediateSetSigned resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendIntermediateSetSigned 

func NewSecretBackendIntermediateSetSigned(ctx *pulumi.Context,
	name string, args *SecretBackendIntermediateSetSignedArgs, opts ...pulumi.ResourceOption) (*SecretBackendIntermediateSetSigned, error)

NewSecretBackendIntermediateSetSigned registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendIntermediateSetSigned) ElementType 

func (*SecretBackendIntermediateSetSigned) ElementType() reflect.Type

func (*SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutput 

func (i *SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutput() SecretBackendIntermediateSetSignedOutput

func (*SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutputWithContext 

func (i *SecretBackendIntermediateSetSigned) ToSecretBackendIntermediateSetSignedOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedOutput

type SecretBackendIntermediateSetSignedArgs 

type SecretBackendIntermediateSetSignedArgs struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// Specifies the PEM encoded certificate. May optionally append additional
	// CA certificates to populate the whole chain, which will then enable returning the full chain from
	// issue and sign operations.
	Certificate pulumi.StringInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendIntermediateSetSigned resource.

func (SecretBackendIntermediateSetSignedArgs) ElementType 

func (SecretBackendIntermediateSetSignedArgs) ElementType() reflect.Type

type SecretBackendIntermediateSetSignedArray 

type SecretBackendIntermediateSetSignedArray []SecretBackendIntermediateSetSignedInput

func (SecretBackendIntermediateSetSignedArray) ElementType 

func (SecretBackendIntermediateSetSignedArray) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutput 

func (i SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutput() SecretBackendIntermediateSetSignedArrayOutput

func (SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutputWithContext 

func (i SecretBackendIntermediateSetSignedArray) ToSecretBackendIntermediateSetSignedArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedArrayOutput

type SecretBackendIntermediateSetSignedArrayInput 

type SecretBackendIntermediateSetSignedArrayInput interface {
	pulumi.Input

	ToSecretBackendIntermediateSetSignedArrayOutput() SecretBackendIntermediateSetSignedArrayOutput
	ToSecretBackendIntermediateSetSignedArrayOutputWithContext(context.Context) SecretBackendIntermediateSetSignedArrayOutput
}

SecretBackendIntermediateSetSignedArrayInput is an input type that accepts SecretBackendIntermediateSetSignedArray and SecretBackendIntermediateSetSignedArrayOutput values. You can construct a concrete instance of `SecretBackendIntermediateSetSignedArrayInput` via: 

SecretBackendIntermediateSetSignedArray{ SecretBackendIntermediateSetSignedArgs{...} }

type SecretBackendIntermediateSetSignedArrayOutput 

type SecretBackendIntermediateSetSignedArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateSetSignedArrayOutput) ElementType 

func (SecretBackendIntermediateSetSignedArrayOutput) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedArrayOutput) Index 

func (o SecretBackendIntermediateSetSignedArrayOutput) Index(i pulumi.IntInput) SecretBackendIntermediateSetSignedOutput

func (SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutput 

func (o SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutput() SecretBackendIntermediateSetSignedArrayOutput

func (SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutputWithContext 

func (o SecretBackendIntermediateSetSignedArrayOutput) ToSecretBackendIntermediateSetSignedArrayOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedArrayOutput

type SecretBackendIntermediateSetSignedInput 

type SecretBackendIntermediateSetSignedInput interface {
	pulumi.Input

	ToSecretBackendIntermediateSetSignedOutput() SecretBackendIntermediateSetSignedOutput
	ToSecretBackendIntermediateSetSignedOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedOutput
}

type SecretBackendIntermediateSetSignedMap 

type SecretBackendIntermediateSetSignedMap map[string]SecretBackendIntermediateSetSignedInput

func (SecretBackendIntermediateSetSignedMap) ElementType 

func (SecretBackendIntermediateSetSignedMap) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutput 

func (i SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutput() SecretBackendIntermediateSetSignedMapOutput

func (SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutputWithContext 

func (i SecretBackendIntermediateSetSignedMap) ToSecretBackendIntermediateSetSignedMapOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedMapOutput

type SecretBackendIntermediateSetSignedMapInput 

type SecretBackendIntermediateSetSignedMapInput interface {
	pulumi.Input

	ToSecretBackendIntermediateSetSignedMapOutput() SecretBackendIntermediateSetSignedMapOutput
	ToSecretBackendIntermediateSetSignedMapOutputWithContext(context.Context) SecretBackendIntermediateSetSignedMapOutput
}

SecretBackendIntermediateSetSignedMapInput is an input type that accepts SecretBackendIntermediateSetSignedMap and SecretBackendIntermediateSetSignedMapOutput values. You can construct a concrete instance of `SecretBackendIntermediateSetSignedMapInput` via: 

SecretBackendIntermediateSetSignedMap{ "key": SecretBackendIntermediateSetSignedArgs{...} }

type SecretBackendIntermediateSetSignedMapOutput 

type SecretBackendIntermediateSetSignedMapOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateSetSignedMapOutput) ElementType 

func (SecretBackendIntermediateSetSignedMapOutput) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedMapOutput) MapIndex 

func (o SecretBackendIntermediateSetSignedMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIntermediateSetSignedOutput

func (SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutput 

func (o SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutput() SecretBackendIntermediateSetSignedMapOutput

func (SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutputWithContext 

func (o SecretBackendIntermediateSetSignedMapOutput) ToSecretBackendIntermediateSetSignedMapOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedMapOutput

type SecretBackendIntermediateSetSignedOutput 

type SecretBackendIntermediateSetSignedOutput struct{ *pulumi.OutputState }

func (SecretBackendIntermediateSetSignedOutput) Backend 

func (o SecretBackendIntermediateSetSignedOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendIntermediateSetSignedOutput) Certificate 

func (o SecretBackendIntermediateSetSignedOutput) Certificate() pulumi.StringOutput

Specifies the PEM encoded certificate. May optionally append additional CA certificates to populate the whole chain, which will then enable returning the full chain from issue and sign operations.

func (SecretBackendIntermediateSetSignedOutput) ElementType 

func (SecretBackendIntermediateSetSignedOutput) ElementType() reflect.Type

func (SecretBackendIntermediateSetSignedOutput) ImportedIssuers 

func (o SecretBackendIntermediateSetSignedOutput) ImportedIssuers() pulumi.StringArrayOutput

The imported issuers indicating which issuers were created as part of this request.

func (SecretBackendIntermediateSetSignedOutput) ImportedKeys 

func (o SecretBackendIntermediateSetSignedOutput) ImportedKeys() pulumi.StringArrayOutput

The imported keys indicating which keys were created as part of this request.

func (SecretBackendIntermediateSetSignedOutput) Namespace 

func (o SecretBackendIntermediateSetSignedOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutput 

func (o SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutput() SecretBackendIntermediateSetSignedOutput

func (SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutputWithContext 

func (o SecretBackendIntermediateSetSignedOutput) ToSecretBackendIntermediateSetSignedOutputWithContext(ctx context.Context) SecretBackendIntermediateSetSignedOutput

type SecretBackendIntermediateSetSignedState 

type SecretBackendIntermediateSetSignedState struct {
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// Specifies the PEM encoded certificate. May optionally append additional
	// CA certificates to populate the whole chain, which will then enable returning the full chain from
	// issue and sign operations.
	Certificate pulumi.StringPtrInput
	// The imported issuers indicating which issuers were created as part of
	// this request.
	ImportedIssuers pulumi.StringArrayInput
	// The imported keys indicating which keys were created as part of this request.
	ImportedKeys pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
}

func (SecretBackendIntermediateSetSignedState) ElementType 

func (SecretBackendIntermediateSetSignedState) ElementType() reflect.Type

type SecretBackendIssuer 

type SecretBackendIssuer struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the URL values for the CRL
	// Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayOutput `pulumi:"crlDistributionPoints"`
	// Specifies that the AIA URL values should
	// be templated.
	EnableAiaUrlTemplating pulumi.BoolPtrOutput `pulumi:"enableAiaUrlTemplating"`
	// ID of the issuer.
	IssuerId pulumi.StringOutput `pulumi:"issuerId"`
	// Name of the issuer.
	IssuerName pulumi.StringPtrOutput `pulumi:"issuerName"`
	// Reference to an existing issuer.
	IssuerRef pulumi.StringOutput `pulumi:"issuerRef"`
	// Specifies the URL values for the Issuing
	// Certificate field.
	IssuingCertificates pulumi.StringArrayOutput `pulumi:"issuingCertificates"`
	// Behavior of a leaf's NotAfter field during
	// issuance.
	LeafNotAfterBehavior pulumi.StringOutput `pulumi:"leafNotAfterBehavior"`
	// Chain of issuer references to build this issuer's
	// computed CAChain field from, when non-empty.
	ManualChains pulumi.StringArrayOutput `pulumi:"manualChains"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayOutput `pulumi:"ocspServers"`
	// Which signature algorithm to use
	// when building CRLs.
	RevocationSignatureAlgorithm pulumi.StringOutput `pulumi:"revocationSignatureAlgorithm"`
	// Allowed usages for this issuer.
	Usage pulumi.StringOutput `pulumi:"usage"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		root, err := pkiSecret.NewSecretBackendRootCert(ctx, "root", &pkiSecret.SecretBackendRootCertArgs{
			Backend:    pki.Path,
			Type:       pulumi.String("internal"),
			CommonName: pulumi.String("test"),
			Ttl:        pulumi.String("86400"),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewSecretBackendIssuer(ctx, "example", &pkiSecret.SecretBackendIssuerArgs{
			Backend:    root.Backend,
			IssuerRef:  root.IssuerId,
			IssuerName: pulumi.String("example-issuer"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

PKI secret backend issuer can be imported using the `id`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendIssuer:SecretBackendIssuer example pki/issuer/bf9b0d48-d0dd-652c-30be-77d04fc7e94d ```

func GetSecretBackendIssuer 

func GetSecretBackendIssuer(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendIssuerState, opts ...pulumi.ResourceOption) (*SecretBackendIssuer, error)

GetSecretBackendIssuer gets an existing SecretBackendIssuer resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendIssuer 

func NewSecretBackendIssuer(ctx *pulumi.Context,
	name string, args *SecretBackendIssuerArgs, opts ...pulumi.ResourceOption) (*SecretBackendIssuer, error)

NewSecretBackendIssuer registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendIssuer) ElementType 

func (*SecretBackendIssuer) ElementType() reflect.Type

func (*SecretBackendIssuer) ToSecretBackendIssuerOutput 

func (i *SecretBackendIssuer) ToSecretBackendIssuerOutput() SecretBackendIssuerOutput

func (*SecretBackendIssuer) ToSecretBackendIssuerOutputWithContext 

func (i *SecretBackendIssuer) ToSecretBackendIssuerOutputWithContext(ctx context.Context) SecretBackendIssuerOutput

type SecretBackendIssuerArgs 

type SecretBackendIssuerArgs struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the URL values for the CRL
	// Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that the AIA URL values should
	// be templated.
	EnableAiaUrlTemplating pulumi.BoolPtrInput
	// Name of the issuer.
	IssuerName pulumi.StringPtrInput
	// Reference to an existing issuer.
	IssuerRef pulumi.StringInput
	// Specifies the URL values for the Issuing
	// Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// Behavior of a leaf's NotAfter field during
	// issuance.
	LeafNotAfterBehavior pulumi.StringPtrInput
	// Chain of issuer references to build this issuer's
	// computed CAChain field from, when non-empty.
	ManualChains pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
	// Which signature algorithm to use
	// when building CRLs.
	RevocationSignatureAlgorithm pulumi.StringPtrInput
	// Allowed usages for this issuer.
	Usage pulumi.StringPtrInput
}

The set of arguments for constructing a SecretBackendIssuer resource.

func (SecretBackendIssuerArgs) ElementType 

func (SecretBackendIssuerArgs) ElementType() reflect.Type

type SecretBackendIssuerArray 

type SecretBackendIssuerArray []SecretBackendIssuerInput

func (SecretBackendIssuerArray) ElementType 

func (SecretBackendIssuerArray) ElementType() reflect.Type

func (SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutput 

func (i SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutput() SecretBackendIssuerArrayOutput

func (SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutputWithContext 

func (i SecretBackendIssuerArray) ToSecretBackendIssuerArrayOutputWithContext(ctx context.Context) SecretBackendIssuerArrayOutput

type SecretBackendIssuerArrayInput 

type SecretBackendIssuerArrayInput interface {
	pulumi.Input

	ToSecretBackendIssuerArrayOutput() SecretBackendIssuerArrayOutput
	ToSecretBackendIssuerArrayOutputWithContext(context.Context) SecretBackendIssuerArrayOutput
}

SecretBackendIssuerArrayInput is an input type that accepts SecretBackendIssuerArray and SecretBackendIssuerArrayOutput values. You can construct a concrete instance of `SecretBackendIssuerArrayInput` via: 

SecretBackendIssuerArray{ SecretBackendIssuerArgs{...} }

type SecretBackendIssuerArrayOutput 

type SecretBackendIssuerArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendIssuerArrayOutput) ElementType 

func (SecretBackendIssuerArrayOutput) ElementType() reflect.Type

func (SecretBackendIssuerArrayOutput) Index 

func (o SecretBackendIssuerArrayOutput) Index(i pulumi.IntInput) SecretBackendIssuerOutput

func (SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutput 

func (o SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutput() SecretBackendIssuerArrayOutput

func (SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutputWithContext 

func (o SecretBackendIssuerArrayOutput) ToSecretBackendIssuerArrayOutputWithContext(ctx context.Context) SecretBackendIssuerArrayOutput

type SecretBackendIssuerInput 

type SecretBackendIssuerInput interface {
	pulumi.Input

	ToSecretBackendIssuerOutput() SecretBackendIssuerOutput
	ToSecretBackendIssuerOutputWithContext(ctx context.Context) SecretBackendIssuerOutput
}

type SecretBackendIssuerMap 

type SecretBackendIssuerMap map[string]SecretBackendIssuerInput

func (SecretBackendIssuerMap) ElementType 

func (SecretBackendIssuerMap) ElementType() reflect.Type

func (SecretBackendIssuerMap) ToSecretBackendIssuerMapOutput 

func (i SecretBackendIssuerMap) ToSecretBackendIssuerMapOutput() SecretBackendIssuerMapOutput

func (SecretBackendIssuerMap) ToSecretBackendIssuerMapOutputWithContext 

func (i SecretBackendIssuerMap) ToSecretBackendIssuerMapOutputWithContext(ctx context.Context) SecretBackendIssuerMapOutput

type SecretBackendIssuerMapInput 

type SecretBackendIssuerMapInput interface {
	pulumi.Input

	ToSecretBackendIssuerMapOutput() SecretBackendIssuerMapOutput
	ToSecretBackendIssuerMapOutputWithContext(context.Context) SecretBackendIssuerMapOutput
}

SecretBackendIssuerMapInput is an input type that accepts SecretBackendIssuerMap and SecretBackendIssuerMapOutput values. You can construct a concrete instance of `SecretBackendIssuerMapInput` via: 

SecretBackendIssuerMap{ "key": SecretBackendIssuerArgs{...} }

type SecretBackendIssuerMapOutput 

type SecretBackendIssuerMapOutput struct{ *pulumi.OutputState }

func (SecretBackendIssuerMapOutput) ElementType 

func (SecretBackendIssuerMapOutput) ElementType() reflect.Type

func (SecretBackendIssuerMapOutput) MapIndex 

func (o SecretBackendIssuerMapOutput) MapIndex(k pulumi.StringInput) SecretBackendIssuerOutput

func (SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutput 

func (o SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutput() SecretBackendIssuerMapOutput

func (SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutputWithContext 

func (o SecretBackendIssuerMapOutput) ToSecretBackendIssuerMapOutputWithContext(ctx context.Context) SecretBackendIssuerMapOutput

type SecretBackendIssuerOutput 

type SecretBackendIssuerOutput struct{ *pulumi.OutputState }

func (SecretBackendIssuerOutput) Backend 

func (o SecretBackendIssuerOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendIssuerOutput) CrlDistributionPoints 

func (o SecretBackendIssuerOutput) CrlDistributionPoints() pulumi.StringArrayOutput

Specifies the URL values for the CRL Distribution Points field.

func (SecretBackendIssuerOutput) ElementType 

func (SecretBackendIssuerOutput) ElementType() reflect.Type

func (SecretBackendIssuerOutput) EnableAiaUrlTemplating 

func (o SecretBackendIssuerOutput) EnableAiaUrlTemplating() pulumi.BoolPtrOutput

Specifies that the AIA URL values should be templated.

func (SecretBackendIssuerOutput) IssuerId 

func (o SecretBackendIssuerOutput) IssuerId() pulumi.StringOutput

ID of the issuer.

func (SecretBackendIssuerOutput) IssuerName 

func (o SecretBackendIssuerOutput) IssuerName() pulumi.StringPtrOutput

Name of the issuer.

func (SecretBackendIssuerOutput) IssuerRef 

func (o SecretBackendIssuerOutput) IssuerRef() pulumi.StringOutput

Reference to an existing issuer.

func (SecretBackendIssuerOutput) IssuingCertificates 

func (o SecretBackendIssuerOutput) IssuingCertificates() pulumi.StringArrayOutput

Specifies the URL values for the Issuing Certificate field.

func (SecretBackendIssuerOutput) LeafNotAfterBehavior 

func (o SecretBackendIssuerOutput) LeafNotAfterBehavior() pulumi.StringOutput

Behavior of a leaf's NotAfter field during issuance.

func (SecretBackendIssuerOutput) ManualChains 

func (o SecretBackendIssuerOutput) ManualChains() pulumi.StringArrayOutput

Chain of issuer references to build this issuer's computed CAChain field from, when non-empty.

func (SecretBackendIssuerOutput) Namespace 

func (o SecretBackendIssuerOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendIssuerOutput) OcspServers 

func (o SecretBackendIssuerOutput) OcspServers() pulumi.StringArrayOutput

Specifies the URL values for the OCSP Servers field.

func (SecretBackendIssuerOutput) RevocationSignatureAlgorithm 

func (o SecretBackendIssuerOutput) RevocationSignatureAlgorithm() pulumi.StringOutput

Which signature algorithm to use when building CRLs.

func (SecretBackendIssuerOutput) ToSecretBackendIssuerOutput 

func (o SecretBackendIssuerOutput) ToSecretBackendIssuerOutput() SecretBackendIssuerOutput

func (SecretBackendIssuerOutput) ToSecretBackendIssuerOutputWithContext 

func (o SecretBackendIssuerOutput) ToSecretBackendIssuerOutputWithContext(ctx context.Context) SecretBackendIssuerOutput

func (SecretBackendIssuerOutput) Usage 

func (o SecretBackendIssuerOutput) Usage() pulumi.StringOutput

Allowed usages for this issuer.

type SecretBackendIssuerState 

type SecretBackendIssuerState struct {
	// The path the PKI secret backend is mounted at, with no
	// leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the URL values for the CRL
	// Distribution Points field.
	CrlDistributionPoints pulumi.StringArrayInput
	// Specifies that the AIA URL values should
	// be templated.
	EnableAiaUrlTemplating pulumi.BoolPtrInput
	// ID of the issuer.
	IssuerId pulumi.StringPtrInput
	// Name of the issuer.
	IssuerName pulumi.StringPtrInput
	// Reference to an existing issuer.
	IssuerRef pulumi.StringPtrInput
	// Specifies the URL values for the Issuing
	// Certificate field.
	IssuingCertificates pulumi.StringArrayInput
	// Behavior of a leaf's NotAfter field during
	// issuance.
	LeafNotAfterBehavior pulumi.StringPtrInput
	// Chain of issuer references to build this issuer's
	// computed CAChain field from, when non-empty.
	ManualChains pulumi.StringArrayInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the URL values for the OCSP Servers field.
	OcspServers pulumi.StringArrayInput
	// Which signature algorithm to use
	// when building CRLs.
	RevocationSignatureAlgorithm pulumi.StringPtrInput
	// Allowed usages for this issuer.
	Usage pulumi.StringPtrInput
}

func (SecretBackendIssuerState) ElementType 

func (SecretBackendIssuerState) ElementType() reflect.Type

type SecretBackendKey 

type SecretBackendKey struct {
	pulumi.CustomResourceState

	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Specifies the number of bits to use for the generated keys.
	// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
	// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
	// 384, or 521; ignored with `key_type=ed25519`.
	KeyBits pulumi.IntOutput `pulumi:"keyBits"`
	// ID of the generated key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// When a new key is created with this request, optionally specifies the name for this.
	// The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrOutput `pulumi:"keyName"`
	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
	KeyType pulumi.StringOutput `pulumi:"keyType"`
	// The managed key's UUID.
	ManagedKeyId pulumi.StringPtrOutput `pulumi:"managedKeyId"`
	// The managed key's configured name.
	ManagedKeyName pulumi.StringPtrOutput `pulumi:"managedKeyName"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
	Type pulumi.StringOutput `pulumi:"type"`
}

Creates a key on a PKI Secret Backend for Vault.

## Import

PKI secret backend key can be imported using the `id`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendKey:SecretBackendKey key pki/key/bf9b0d48-d0dd-652c-30be-77d04fc7e94d ```

func GetSecretBackendKey 

func GetSecretBackendKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendKeyState, opts ...pulumi.ResourceOption) (*SecretBackendKey, error)

GetSecretBackendKey gets an existing SecretBackendKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendKey 

func NewSecretBackendKey(ctx *pulumi.Context,
	name string, args *SecretBackendKeyArgs, opts ...pulumi.ResourceOption) (*SecretBackendKey, error)

NewSecretBackendKey registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendKey) ElementType 

func (*SecretBackendKey) ElementType() reflect.Type

func (*SecretBackendKey) ToSecretBackendKeyOutput 

func (i *SecretBackendKey) ToSecretBackendKeyOutput() SecretBackendKeyOutput

func (*SecretBackendKey) ToSecretBackendKeyOutputWithContext 

func (i *SecretBackendKey) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput

type SecretBackendKeyArgs 

type SecretBackendKeyArgs struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Specifies the number of bits to use for the generated keys.
	// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
	// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
	// 384, or 521; ignored with `key_type=ed25519`.
	KeyBits pulumi.IntPtrInput
	// When a new key is created with this request, optionally specifies the name for this.
	// The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
	KeyType pulumi.StringPtrInput
	// The managed key's UUID.
	ManagedKeyId pulumi.StringPtrInput
	// The managed key's configured name.
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
	Type pulumi.StringInput
}

The set of arguments for constructing a SecretBackendKey resource.

func (SecretBackendKeyArgs) ElementType 

func (SecretBackendKeyArgs) ElementType() reflect.Type

type SecretBackendKeyArray 

type SecretBackendKeyArray []SecretBackendKeyInput

func (SecretBackendKeyArray) ElementType 

func (SecretBackendKeyArray) ElementType() reflect.Type

func (SecretBackendKeyArray) ToSecretBackendKeyArrayOutput 

func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput

func (SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext 

func (i SecretBackendKeyArray) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput

type SecretBackendKeyArrayInput 

type SecretBackendKeyArrayInput interface {
	pulumi.Input

	ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput
	ToSecretBackendKeyArrayOutputWithContext(context.Context) SecretBackendKeyArrayOutput
}

SecretBackendKeyArrayInput is an input type that accepts SecretBackendKeyArray and SecretBackendKeyArrayOutput values. You can construct a concrete instance of `SecretBackendKeyArrayInput` via: 

SecretBackendKeyArray{ SecretBackendKeyArgs{...} }

type SecretBackendKeyArrayOutput 

type SecretBackendKeyArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendKeyArrayOutput) ElementType 

func (SecretBackendKeyArrayOutput) ElementType() reflect.Type

func (SecretBackendKeyArrayOutput) Index 

func (o SecretBackendKeyArrayOutput) Index(i pulumi.IntInput) SecretBackendKeyOutput

func (SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput 

func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutput() SecretBackendKeyArrayOutput

func (SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext 

func (o SecretBackendKeyArrayOutput) ToSecretBackendKeyArrayOutputWithContext(ctx context.Context) SecretBackendKeyArrayOutput

type SecretBackendKeyInput 

type SecretBackendKeyInput interface {
	pulumi.Input

	ToSecretBackendKeyOutput() SecretBackendKeyOutput
	ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput
}

type SecretBackendKeyMap 

type SecretBackendKeyMap map[string]SecretBackendKeyInput

func (SecretBackendKeyMap) ElementType 

func (SecretBackendKeyMap) ElementType() reflect.Type

func (SecretBackendKeyMap) ToSecretBackendKeyMapOutput 

func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput

func (SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext 

func (i SecretBackendKeyMap) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput

type SecretBackendKeyMapInput 

type SecretBackendKeyMapInput interface {
	pulumi.Input

	ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput
	ToSecretBackendKeyMapOutputWithContext(context.Context) SecretBackendKeyMapOutput
}

SecretBackendKeyMapInput is an input type that accepts SecretBackendKeyMap and SecretBackendKeyMapOutput values. You can construct a concrete instance of `SecretBackendKeyMapInput` via: 

SecretBackendKeyMap{ "key": SecretBackendKeyArgs{...} }

type SecretBackendKeyMapOutput 

type SecretBackendKeyMapOutput struct{ *pulumi.OutputState }

func (SecretBackendKeyMapOutput) ElementType 

func (SecretBackendKeyMapOutput) ElementType() reflect.Type

func (SecretBackendKeyMapOutput) MapIndex 

func (o SecretBackendKeyMapOutput) MapIndex(k pulumi.StringInput) SecretBackendKeyOutput

func (SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput 

func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutput() SecretBackendKeyMapOutput

func (SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext 

func (o SecretBackendKeyMapOutput) ToSecretBackendKeyMapOutputWithContext(ctx context.Context) SecretBackendKeyMapOutput

type SecretBackendKeyOutput 

type SecretBackendKeyOutput struct{ *pulumi.OutputState }

func (SecretBackendKeyOutput) Backend 

func (o SecretBackendKeyOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendKeyOutput) ElementType 

func (SecretBackendKeyOutput) ElementType() reflect.Type

func (SecretBackendKeyOutput) KeyBits 

func (o SecretBackendKeyOutput) KeyBits() pulumi.IntOutput

Specifies the number of bits to use for the generated keys. Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are: 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default), 384, or 521; ignored with `key_type=ed25519`.

func (SecretBackendKeyOutput) KeyId 

func (o SecretBackendKeyOutput) KeyId() pulumi.StringOutput

ID of the generated key.

func (SecretBackendKeyOutput) KeyName 

func (o SecretBackendKeyOutput) KeyName() pulumi.StringPtrOutput

When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name.

func (SecretBackendKeyOutput) KeyType 

func (o SecretBackendKeyOutput) KeyType() pulumi.StringOutput

Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.

func (SecretBackendKeyOutput) ManagedKeyId 

func (o SecretBackendKeyOutput) ManagedKeyId() pulumi.StringPtrOutput

The managed key's UUID.

func (SecretBackendKeyOutput) ManagedKeyName 

func (o SecretBackendKeyOutput) ManagedKeyName() pulumi.StringPtrOutput

The managed key's configured name.

func (SecretBackendKeyOutput) Namespace 

func (o SecretBackendKeyOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendKeyOutput) ToSecretBackendKeyOutput 

func (o SecretBackendKeyOutput) ToSecretBackendKeyOutput() SecretBackendKeyOutput

func (SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext 

func (o SecretBackendKeyOutput) ToSecretBackendKeyOutputWithContext(ctx context.Context) SecretBackendKeyOutput

func (SecretBackendKeyOutput) Type 

func (o SecretBackendKeyOutput) Type() pulumi.StringOutput

Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.

type SecretBackendKeyState 

type SecretBackendKeyState struct {
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Specifies the number of bits to use for the generated keys.
	// Allowed values are 0 (universal default); with `key_type=rsa`, allowed values are:
	// 2048 (default), 3072, or 4096; with `key_type=ec`, allowed values are: 224, 256 (default),
	// 384, or 521; ignored with `key_type=ed25519`.
	KeyBits pulumi.IntPtrInput
	// ID of the generated key.
	KeyId pulumi.StringPtrInput
	// When a new key is created with this request, optionally specifies the name for this.
	// The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`.
	KeyType pulumi.StringPtrInput
	// The managed key's UUID.
	ManagedKeyId pulumi.StringPtrInput
	// The managed key's configured name.
	ManagedKeyName pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Specifies the type of the key to create. Can be `exported`,`internal` or `kms`.
	Type pulumi.StringPtrInput
}

func (SecretBackendKeyState) ElementType 

func (SecretBackendKeyState) ElementType() reflect.Type

type SecretBackendRole 

type SecretBackendRole struct {
	pulumi.CustomResourceState

	// Flag to allow any name
	AllowAnyName pulumi.BoolPtrOutput `pulumi:"allowAnyName"`
	// Flag to allow certificates matching the actual domain
	AllowBareDomains pulumi.BoolPtrOutput `pulumi:"allowBareDomains"`
	// Flag to allow names containing glob patterns.
	AllowGlobDomains pulumi.BoolPtrOutput `pulumi:"allowGlobDomains"`
	// Flag to allow IP SANs
	AllowIpSans pulumi.BoolPtrOutput `pulumi:"allowIpSans"`
	// Flag to allow certificates for localhost
	AllowLocalhost pulumi.BoolPtrOutput `pulumi:"allowLocalhost"`
	// Flag to allow certificates matching subdomains
	AllowSubdomains pulumi.BoolPtrOutput `pulumi:"allowSubdomains"`
	// Flag to allow wildcard certificates.
	AllowWildcardCertificates pulumi.BoolPtrOutput `pulumi:"allowWildcardCertificates"`
	// List of allowed domains for certificates
	AllowedDomains pulumi.StringArrayOutput `pulumi:"allowedDomains"`
	// Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedDomainsTemplate pulumi.BoolPtrOutput `pulumi:"allowedDomainsTemplate"`
	// Defines allowed custom SANs
	AllowedOtherSans pulumi.StringArrayOutput `pulumi:"allowedOtherSans"`
	// An array of allowed serial numbers to put in Subject
	AllowedSerialNumbers pulumi.StringArrayOutput `pulumi:"allowedSerialNumbers"`
	// Defines allowed URI SANs
	AllowedUriSans pulumi.StringArrayOutput `pulumi:"allowedUriSans"`
	// Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedUriSansTemplate pulumi.BoolOutput `pulumi:"allowedUriSansTemplate"`
	// Defines allowed User IDs
	AllowedUserIds pulumi.StringArrayOutput `pulumi:"allowedUserIds"`
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// Flag to mark basic constraints valid when issuing non-CA certificates
	BasicConstraintsValidForNonCa pulumi.BoolPtrOutput `pulumi:"basicConstraintsValidForNonCa"`
	// Flag to specify certificates for client use
	ClientFlag pulumi.BoolPtrOutput `pulumi:"clientFlag"`
	// Flag to specify certificates for code signing use
	CodeSigningFlag pulumi.BoolPtrOutput `pulumi:"codeSigningFlag"`
	// The country of generated certificates
	Countries pulumi.StringArrayOutput `pulumi:"countries"`
	// Flag to specify certificates for email protection use
	EmailProtectionFlag pulumi.BoolPtrOutput `pulumi:"emailProtectionFlag"`
	// Flag to allow only valid host names
	EnforceHostnames pulumi.BoolPtrOutput `pulumi:"enforceHostnames"`
	// Specify the allowed extended key usage OIDs constraint on issued certificates
	ExtKeyUsageOids pulumi.StringArrayOutput `pulumi:"extKeyUsageOids"`
	// Specify the allowed extended key usage constraint on issued certificates
	ExtKeyUsages pulumi.StringArrayOutput `pulumi:"extKeyUsages"`
	// Flag to generate leases with certificates
	GenerateLease pulumi.BoolPtrOutput `pulumi:"generateLease"`
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringOutput `pulumi:"issuerRef"`
	// The number of bits of generated keys
	KeyBits pulumi.IntPtrOutput `pulumi:"keyBits"`
	// The generated key type, choices: `rsa`, `ec`, `ed25519`, `any`
	// Defaults to `rsa`
	KeyType pulumi.StringPtrOutput `pulumi:"keyType"`
	// Specify the allowed key usage constraint on issued
	// certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`.
	// To specify no default key usage constraints, set this to an empty list `[]`.
	KeyUsages pulumi.StringArrayOutput `pulumi:"keyUsages"`
	// The locality of generated certificates
	Localities pulumi.StringArrayOutput `pulumi:"localities"`
	// The maximum lease TTL, in seconds, for the role.
	MaxTtl pulumi.StringOutput `pulumi:"maxTtl"`
	// The name to identify this role within the backend. Must be unique within the backend.
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// Flag to not store certificates in the storage backend
	NoStore pulumi.BoolPtrOutput `pulumi:"noStore"`
	// Specifies the duration by which to backdate the NotBefore property.
	NotBeforeDuration pulumi.StringOutput `pulumi:"notBeforeDuration"`
	// The organization unit of generated certificates
	OrganizationUnit pulumi.StringArrayOutput `pulumi:"organizationUnit"`
	// The organization of generated certificates
	Organizations pulumi.StringArrayOutput `pulumi:"organizations"`
	// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:
	PolicyIdentifier SecretBackendRolePolicyIdentifierArrayOutput `pulumi:"policyIdentifier"`
	// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead
	PolicyIdentifiers pulumi.StringArrayOutput `pulumi:"policyIdentifiers"`
	// The postal code of generated certificates
	PostalCodes pulumi.StringArrayOutput `pulumi:"postalCodes"`
	// The province of generated certificates
	Provinces pulumi.StringArrayOutput `pulumi:"provinces"`
	// Flag to force CN usage
	RequireCn pulumi.BoolPtrOutput `pulumi:"requireCn"`
	// Flag to specify certificates for server use
	ServerFlag pulumi.BoolPtrOutput `pulumi:"serverFlag"`
	// The street address of generated certificates
	StreetAddresses pulumi.StringArrayOutput `pulumi:"streetAddresses"`
	// The TTL, in seconds, for any certificate issued against this role.
	Ttl pulumi.StringOutput `pulumi:"ttl"`
	// Flag to use the CN in the CSR
	UseCsrCommonName pulumi.BoolPtrOutput `pulumi:"useCsrCommonName"`
	// Flag to use the SANs in the CSR
	UseCsrSans pulumi.BoolPtrOutput `pulumi:"useCsrSans"`
}

Creates a role on an PKI Secret Backend for Vault.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		pki, err := vault.NewMount(ctx, "pki", &vault.MountArgs{
			Path:                   pulumi.String("pki"),
			Type:                   pulumi.String("pki"),
			DefaultLeaseTtlSeconds: pulumi.Int(3600),
			MaxLeaseTtlSeconds:     pulumi.Int(86400),
		})
		if err != nil {
			return err
		}
		_, err = pkiSecret.NewSecretBackendRole(ctx, "role", &pkiSecret.SecretBackendRoleArgs{
			Backend:     pki.Path,
			Ttl:         pulumi.String("3600"),
			AllowIpSans: pulumi.Bool(true),
			KeyType:     pulumi.String("rsa"),
			KeyBits:     pulumi.Int(4096),
			AllowedDomains: pulumi.StringArray{
				pulumi.String("example.com"),
				pulumi.String("my.domain"),
			},
			AllowSubdomains: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

PKI secret backend roles can be imported using the `path`, e.g.

```sh $ pulumi import vault:pkiSecret/secretBackendRole:SecretBackendRole role pki/roles/my_role ```

func GetSecretBackendRole 

func GetSecretBackendRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRoleState, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

GetSecretBackendRole gets an existing SecretBackendRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRole 

func NewSecretBackendRole(ctx *pulumi.Context,
	name string, args *SecretBackendRoleArgs, opts ...pulumi.ResourceOption) (*SecretBackendRole, error)

NewSecretBackendRole registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRole) ElementType 

func (*SecretBackendRole) ElementType() reflect.Type

func (*SecretBackendRole) ToSecretBackendRoleOutput 

func (i *SecretBackendRole) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (*SecretBackendRole) ToSecretBackendRoleOutputWithContext 

func (i *SecretBackendRole) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

type SecretBackendRoleArgs 

type SecretBackendRoleArgs struct {
	// Flag to allow any name
	AllowAnyName pulumi.BoolPtrInput
	// Flag to allow certificates matching the actual domain
	AllowBareDomains pulumi.BoolPtrInput
	// Flag to allow names containing glob patterns.
	AllowGlobDomains pulumi.BoolPtrInput
	// Flag to allow IP SANs
	AllowIpSans pulumi.BoolPtrInput
	// Flag to allow certificates for localhost
	AllowLocalhost pulumi.BoolPtrInput
	// Flag to allow certificates matching subdomains
	AllowSubdomains pulumi.BoolPtrInput
	// Flag to allow wildcard certificates.
	AllowWildcardCertificates pulumi.BoolPtrInput
	// List of allowed domains for certificates
	AllowedDomains pulumi.StringArrayInput
	// Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedDomainsTemplate pulumi.BoolPtrInput
	// Defines allowed custom SANs
	AllowedOtherSans pulumi.StringArrayInput
	// An array of allowed serial numbers to put in Subject
	AllowedSerialNumbers pulumi.StringArrayInput
	// Defines allowed URI SANs
	AllowedUriSans pulumi.StringArrayInput
	// Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedUriSansTemplate pulumi.BoolPtrInput
	// Defines allowed User IDs
	AllowedUserIds pulumi.StringArrayInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringInput
	// Flag to mark basic constraints valid when issuing non-CA certificates
	BasicConstraintsValidForNonCa pulumi.BoolPtrInput
	// Flag to specify certificates for client use
	ClientFlag pulumi.BoolPtrInput
	// Flag to specify certificates for code signing use
	CodeSigningFlag pulumi.BoolPtrInput
	// The country of generated certificates
	Countries pulumi.StringArrayInput
	// Flag to specify certificates for email protection use
	EmailProtectionFlag pulumi.BoolPtrInput
	// Flag to allow only valid host names
	EnforceHostnames pulumi.BoolPtrInput
	// Specify the allowed extended key usage OIDs constraint on issued certificates
	ExtKeyUsageOids pulumi.StringArrayInput
	// Specify the allowed extended key usage constraint on issued certificates
	ExtKeyUsages pulumi.StringArrayInput
	// Flag to generate leases with certificates
	GenerateLease pulumi.BoolPtrInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The number of bits of generated keys
	KeyBits pulumi.IntPtrInput
	// The generated key type, choices: `rsa`, `ec`, `ed25519`, `any`
	// Defaults to `rsa`
	KeyType pulumi.StringPtrInput
	// Specify the allowed key usage constraint on issued
	// certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`.
	// To specify no default key usage constraints, set this to an empty list `[]`.
	KeyUsages pulumi.StringArrayInput
	// The locality of generated certificates
	Localities pulumi.StringArrayInput
	// The maximum lease TTL, in seconds, for the role.
	MaxTtl pulumi.StringPtrInput
	// The name to identify this role within the backend. Must be unique within the backend.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Flag to not store certificates in the storage backend
	NoStore pulumi.BoolPtrInput
	// Specifies the duration by which to backdate the NotBefore property.
	NotBeforeDuration pulumi.StringPtrInput
	// The organization unit of generated certificates
	OrganizationUnit pulumi.StringArrayInput
	// The organization of generated certificates
	Organizations pulumi.StringArrayInput
	// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:
	PolicyIdentifier SecretBackendRolePolicyIdentifierArrayInput
	// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead
	PolicyIdentifiers pulumi.StringArrayInput
	// The postal code of generated certificates
	PostalCodes pulumi.StringArrayInput
	// The province of generated certificates
	Provinces pulumi.StringArrayInput
	// Flag to force CN usage
	RequireCn pulumi.BoolPtrInput
	// Flag to specify certificates for server use
	ServerFlag pulumi.BoolPtrInput
	// The street address of generated certificates
	StreetAddresses pulumi.StringArrayInput
	// The TTL, in seconds, for any certificate issued against this role.
	Ttl pulumi.StringPtrInput
	// Flag to use the CN in the CSR
	UseCsrCommonName pulumi.BoolPtrInput
	// Flag to use the SANs in the CSR
	UseCsrSans pulumi.BoolPtrInput
}

The set of arguments for constructing a SecretBackendRole resource.

func (SecretBackendRoleArgs) ElementType 

func (SecretBackendRoleArgs) ElementType() reflect.Type

type SecretBackendRoleArray 

type SecretBackendRoleArray []SecretBackendRoleInput

func (SecretBackendRoleArray) ElementType 

func (SecretBackendRoleArray) ElementType() reflect.Type

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutput 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext 

func (i SecretBackendRoleArray) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleArrayInput 

type SecretBackendRoleArrayInput interface {
	pulumi.Input

	ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput
	ToSecretBackendRoleArrayOutputWithContext(context.Context) SecretBackendRoleArrayOutput
}

SecretBackendRoleArrayInput is an input type that accepts SecretBackendRoleArray and SecretBackendRoleArrayOutput values. You can construct a concrete instance of `SecretBackendRoleArrayInput` via: 

SecretBackendRoleArray{ SecretBackendRoleArgs{...} }

type SecretBackendRoleArrayOutput 

type SecretBackendRoleArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleArrayOutput) ElementType 

func (SecretBackendRoleArrayOutput) ElementType() reflect.Type

func (SecretBackendRoleArrayOutput) Index 

func (o SecretBackendRoleArrayOutput) Index(i pulumi.IntInput) SecretBackendRoleOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutput() SecretBackendRoleArrayOutput

func (SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext 

func (o SecretBackendRoleArrayOutput) ToSecretBackendRoleArrayOutputWithContext(ctx context.Context) SecretBackendRoleArrayOutput

type SecretBackendRoleInput 

type SecretBackendRoleInput interface {
	pulumi.Input

	ToSecretBackendRoleOutput() SecretBackendRoleOutput
	ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput
}

type SecretBackendRoleMap 

type SecretBackendRoleMap map[string]SecretBackendRoleInput

func (SecretBackendRoleMap) ElementType 

func (SecretBackendRoleMap) ElementType() reflect.Type

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutput 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext 

func (i SecretBackendRoleMap) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleMapInput 

type SecretBackendRoleMapInput interface {
	pulumi.Input

	ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput
	ToSecretBackendRoleMapOutputWithContext(context.Context) SecretBackendRoleMapOutput
}

SecretBackendRoleMapInput is an input type that accepts SecretBackendRoleMap and SecretBackendRoleMapOutput values. You can construct a concrete instance of `SecretBackendRoleMapInput` via: 

SecretBackendRoleMap{ "key": SecretBackendRoleArgs{...} }

type SecretBackendRoleMapOutput 

type SecretBackendRoleMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleMapOutput) ElementType 

func (SecretBackendRoleMapOutput) ElementType() reflect.Type

func (SecretBackendRoleMapOutput) MapIndex 

func (o SecretBackendRoleMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRoleOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutput() SecretBackendRoleMapOutput

func (SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext 

func (o SecretBackendRoleMapOutput) ToSecretBackendRoleMapOutputWithContext(ctx context.Context) SecretBackendRoleMapOutput

type SecretBackendRoleOutput 

type SecretBackendRoleOutput struct{ *pulumi.OutputState }

func (SecretBackendRoleOutput) AllowAnyName 

func (o SecretBackendRoleOutput) AllowAnyName() pulumi.BoolPtrOutput

Flag to allow any name

func (SecretBackendRoleOutput) AllowBareDomains 

func (o SecretBackendRoleOutput) AllowBareDomains() pulumi.BoolPtrOutput

Flag to allow certificates matching the actual domain

func (SecretBackendRoleOutput) AllowGlobDomains 

func (o SecretBackendRoleOutput) AllowGlobDomains() pulumi.BoolPtrOutput

Flag to allow names containing glob patterns.

func (SecretBackendRoleOutput) AllowIpSans 

func (o SecretBackendRoleOutput) AllowIpSans() pulumi.BoolPtrOutput

Flag to allow IP SANs

func (SecretBackendRoleOutput) AllowLocalhost 

func (o SecretBackendRoleOutput) AllowLocalhost() pulumi.BoolPtrOutput

Flag to allow certificates for localhost

func (SecretBackendRoleOutput) AllowSubdomains 

func (o SecretBackendRoleOutput) AllowSubdomains() pulumi.BoolPtrOutput

Flag to allow certificates matching subdomains

func (SecretBackendRoleOutput) AllowWildcardCertificates 

func (o SecretBackendRoleOutput) AllowWildcardCertificates() pulumi.BoolPtrOutput

Flag to allow wildcard certificates.

func (SecretBackendRoleOutput) AllowedDomains 

func (o SecretBackendRoleOutput) AllowedDomains() pulumi.StringArrayOutput

List of allowed domains for certificates

func (SecretBackendRoleOutput) AllowedDomainsTemplate 

func (o SecretBackendRoleOutput) AllowedDomainsTemplate() pulumi.BoolPtrOutput

Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.

func (SecretBackendRoleOutput) AllowedOtherSans 

func (o SecretBackendRoleOutput) AllowedOtherSans() pulumi.StringArrayOutput

Defines allowed custom SANs

func (SecretBackendRoleOutput) AllowedSerialNumbers 

func (o SecretBackendRoleOutput) AllowedSerialNumbers() pulumi.StringArrayOutput

An array of allowed serial numbers to put in Subject

func (SecretBackendRoleOutput) AllowedUriSans 

func (o SecretBackendRoleOutput) AllowedUriSans() pulumi.StringArrayOutput

Defines allowed URI SANs

func (SecretBackendRoleOutput) AllowedUriSansTemplate 

func (o SecretBackendRoleOutput) AllowedUriSansTemplate() pulumi.BoolOutput

Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.

func (SecretBackendRoleOutput) AllowedUserIds 

func (o SecretBackendRoleOutput) AllowedUserIds() pulumi.StringArrayOutput

Defines allowed User IDs

func (SecretBackendRoleOutput) Backend 

func (o SecretBackendRoleOutput) Backend() pulumi.StringOutput

The path the PKI secret backend is mounted at, with no leading or trailing `/`s.

func (SecretBackendRoleOutput) BasicConstraintsValidForNonCa 

func (o SecretBackendRoleOutput) BasicConstraintsValidForNonCa() pulumi.BoolPtrOutput

Flag to mark basic constraints valid when issuing non-CA certificates

func (SecretBackendRoleOutput) ClientFlag 

func (o SecretBackendRoleOutput) ClientFlag() pulumi.BoolPtrOutput

Flag to specify certificates for client use

func (SecretBackendRoleOutput) CodeSigningFlag 

func (o SecretBackendRoleOutput) CodeSigningFlag() pulumi.BoolPtrOutput

Flag to specify certificates for code signing use

func (SecretBackendRoleOutput) Countries 

func (o SecretBackendRoleOutput) Countries() pulumi.StringArrayOutput

The country of generated certificates

func (SecretBackendRoleOutput) ElementType 

func (SecretBackendRoleOutput) ElementType() reflect.Type

func (SecretBackendRoleOutput) EmailProtectionFlag 

func (o SecretBackendRoleOutput) EmailProtectionFlag() pulumi.BoolPtrOutput

Flag to specify certificates for email protection use

func (SecretBackendRoleOutput) EnforceHostnames 

func (o SecretBackendRoleOutput) EnforceHostnames() pulumi.BoolPtrOutput

Flag to allow only valid host names

func (SecretBackendRoleOutput) ExtKeyUsageOids 

func (o SecretBackendRoleOutput) ExtKeyUsageOids() pulumi.StringArrayOutput

Specify the allowed extended key usage OIDs constraint on issued certificates

func (SecretBackendRoleOutput) ExtKeyUsages 

func (o SecretBackendRoleOutput) ExtKeyUsages() pulumi.StringArrayOutput

Specify the allowed extended key usage constraint on issued certificates

func (SecretBackendRoleOutput) GenerateLease 

func (o SecretBackendRoleOutput) GenerateLease() pulumi.BoolPtrOutput

Flag to generate leases with certificates

func (SecretBackendRoleOutput) IssuerRef 

func (o SecretBackendRoleOutput) IssuerRef() pulumi.StringOutput

Specifies the default issuer of this request. May be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users overriding the role's `issuerRef` value.

func (SecretBackendRoleOutput) KeyBits 

func (o SecretBackendRoleOutput) KeyBits() pulumi.IntPtrOutput

The number of bits of generated keys

func (SecretBackendRoleOutput) KeyType 

func (o SecretBackendRoleOutput) KeyType() pulumi.StringPtrOutput

The generated key type, choices: `rsa`, `ec`, `ed25519`, `any` Defaults to `rsa`

func (SecretBackendRoleOutput) KeyUsages 

func (o SecretBackendRoleOutput) KeyUsages() pulumi.StringArrayOutput

Specify the allowed key usage constraint on issued certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`. To specify no default key usage constraints, set this to an empty list `[]`.

func (SecretBackendRoleOutput) Localities 

func (o SecretBackendRoleOutput) Localities() pulumi.StringArrayOutput

The locality of generated certificates

func (SecretBackendRoleOutput) MaxTtl 

func (o SecretBackendRoleOutput) MaxTtl() pulumi.StringOutput

The maximum lease TTL, in seconds, for the role.

func (SecretBackendRoleOutput) Name 

func (o SecretBackendRoleOutput) Name() pulumi.StringOutput

The name to identify this role within the backend. Must be unique within the backend.

func (SecretBackendRoleOutput) Namespace 

func (o SecretBackendRoleOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRoleOutput) NoStore 

func (o SecretBackendRoleOutput) NoStore() pulumi.BoolPtrOutput

Flag to not store certificates in the storage backend

func (SecretBackendRoleOutput) NotBeforeDuration 

func (o SecretBackendRoleOutput) NotBeforeDuration() pulumi.StringOutput

Specifies the duration by which to backdate the NotBefore property.

func (SecretBackendRoleOutput) OrganizationUnit 

func (o SecretBackendRoleOutput) OrganizationUnit() pulumi.StringArrayOutput

The organization unit of generated certificates

func (SecretBackendRoleOutput) Organizations 

func (o SecretBackendRoleOutput) Organizations() pulumi.StringArrayOutput

The organization of generated certificates

func (SecretBackendRoleOutput) PolicyIdentifier 

func (o SecretBackendRoleOutput) PolicyIdentifier() SecretBackendRolePolicyIdentifierArrayOutput

(Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:

func (SecretBackendRoleOutput) PolicyIdentifiers 

func (o SecretBackendRoleOutput) PolicyIdentifiers() pulumi.StringArrayOutput

Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead

func (SecretBackendRoleOutput) PostalCodes 

func (o SecretBackendRoleOutput) PostalCodes() pulumi.StringArrayOutput

The postal code of generated certificates

func (SecretBackendRoleOutput) Provinces 

func (o SecretBackendRoleOutput) Provinces() pulumi.StringArrayOutput

The province of generated certificates

func (SecretBackendRoleOutput) RequireCn 

func (o SecretBackendRoleOutput) RequireCn() pulumi.BoolPtrOutput

Flag to force CN usage

func (SecretBackendRoleOutput) ServerFlag 

func (o SecretBackendRoleOutput) ServerFlag() pulumi.BoolPtrOutput

Flag to specify certificates for server use

func (SecretBackendRoleOutput) StreetAddresses 

func (o SecretBackendRoleOutput) StreetAddresses() pulumi.StringArrayOutput

The street address of generated certificates

func (SecretBackendRoleOutput) ToSecretBackendRoleOutput 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutput() SecretBackendRoleOutput

func (SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext 

func (o SecretBackendRoleOutput) ToSecretBackendRoleOutputWithContext(ctx context.Context) SecretBackendRoleOutput

func (SecretBackendRoleOutput) Ttl 

func (o SecretBackendRoleOutput) Ttl() pulumi.StringOutput

The TTL, in seconds, for any certificate issued against this role.

func (SecretBackendRoleOutput) UseCsrCommonName 

func (o SecretBackendRoleOutput) UseCsrCommonName() pulumi.BoolPtrOutput

Flag to use the CN in the CSR

func (SecretBackendRoleOutput) UseCsrSans 

func (o SecretBackendRoleOutput) UseCsrSans() pulumi.BoolPtrOutput

Flag to use the SANs in the CSR

type SecretBackendRolePolicyIdentifier 

type SecretBackendRolePolicyIdentifier struct {
	// The URL of the CPS for the policy identifier
	//
	// Example usage:
	Cps *string `pulumi:"cps"`
	// A notice for the policy identifier
	Notice *string `pulumi:"notice"`
	// The OID for the policy identifier
	Oid string `pulumi:"oid"`
}

type SecretBackendRolePolicyIdentifierArgs 

type SecretBackendRolePolicyIdentifierArgs struct {
	// The URL of the CPS for the policy identifier
	//
	// Example usage:
	Cps pulumi.StringPtrInput `pulumi:"cps"`
	// A notice for the policy identifier
	Notice pulumi.StringPtrInput `pulumi:"notice"`
	// The OID for the policy identifier
	Oid pulumi.StringInput `pulumi:"oid"`
}

func (SecretBackendRolePolicyIdentifierArgs) ElementType 

func (SecretBackendRolePolicyIdentifierArgs) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutput 

func (i SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutput() SecretBackendRolePolicyIdentifierOutput

func (SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutputWithContext 

func (i SecretBackendRolePolicyIdentifierArgs) ToSecretBackendRolePolicyIdentifierOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierOutput

type SecretBackendRolePolicyIdentifierArray 

type SecretBackendRolePolicyIdentifierArray []SecretBackendRolePolicyIdentifierInput

func (SecretBackendRolePolicyIdentifierArray) ElementType 

func (SecretBackendRolePolicyIdentifierArray) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutput 

func (i SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput

func (SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext 

func (i SecretBackendRolePolicyIdentifierArray) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierArrayOutput

type SecretBackendRolePolicyIdentifierArrayInput 

type SecretBackendRolePolicyIdentifierArrayInput interface {
	pulumi.Input

	ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput
	ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(context.Context) SecretBackendRolePolicyIdentifierArrayOutput
}

SecretBackendRolePolicyIdentifierArrayInput is an input type that accepts SecretBackendRolePolicyIdentifierArray and SecretBackendRolePolicyIdentifierArrayOutput values. You can construct a concrete instance of `SecretBackendRolePolicyIdentifierArrayInput` via: 

SecretBackendRolePolicyIdentifierArray{ SecretBackendRolePolicyIdentifierArgs{...} }

type SecretBackendRolePolicyIdentifierArrayOutput 

type SecretBackendRolePolicyIdentifierArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRolePolicyIdentifierArrayOutput) ElementType 

func (SecretBackendRolePolicyIdentifierArrayOutput) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierArrayOutput) Index 

func (o SecretBackendRolePolicyIdentifierArrayOutput) Index(i pulumi.IntInput) SecretBackendRolePolicyIdentifierOutput

func (SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutput 

func (o SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutput() SecretBackendRolePolicyIdentifierArrayOutput

func (SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext 

func (o SecretBackendRolePolicyIdentifierArrayOutput) ToSecretBackendRolePolicyIdentifierArrayOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierArrayOutput

type SecretBackendRolePolicyIdentifierInput 

type SecretBackendRolePolicyIdentifierInput interface {
	pulumi.Input

	ToSecretBackendRolePolicyIdentifierOutput() SecretBackendRolePolicyIdentifierOutput
	ToSecretBackendRolePolicyIdentifierOutputWithContext(context.Context) SecretBackendRolePolicyIdentifierOutput
}

SecretBackendRolePolicyIdentifierInput is an input type that accepts SecretBackendRolePolicyIdentifierArgs and SecretBackendRolePolicyIdentifierOutput values. You can construct a concrete instance of `SecretBackendRolePolicyIdentifierInput` via: 

SecretBackendRolePolicyIdentifierArgs{...}

type SecretBackendRolePolicyIdentifierOutput 

type SecretBackendRolePolicyIdentifierOutput struct{ *pulumi.OutputState }

func (SecretBackendRolePolicyIdentifierOutput) Cps 

func (o SecretBackendRolePolicyIdentifierOutput) Cps() pulumi.StringPtrOutput

The URL of the CPS for the policy identifier

Example usage:

func (SecretBackendRolePolicyIdentifierOutput) ElementType 

func (SecretBackendRolePolicyIdentifierOutput) ElementType() reflect.Type

func (SecretBackendRolePolicyIdentifierOutput) Notice 

func (o SecretBackendRolePolicyIdentifierOutput) Notice() pulumi.StringPtrOutput

A notice for the policy identifier

func (SecretBackendRolePolicyIdentifierOutput) Oid 

func (o SecretBackendRolePolicyIdentifierOutput) Oid() pulumi.StringOutput

The OID for the policy identifier

func (SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutput 

func (o SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutput() SecretBackendRolePolicyIdentifierOutput

func (SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutputWithContext 

func (o SecretBackendRolePolicyIdentifierOutput) ToSecretBackendRolePolicyIdentifierOutputWithContext(ctx context.Context) SecretBackendRolePolicyIdentifierOutput

type SecretBackendRoleState 

type SecretBackendRoleState struct {
	// Flag to allow any name
	AllowAnyName pulumi.BoolPtrInput
	// Flag to allow certificates matching the actual domain
	AllowBareDomains pulumi.BoolPtrInput
	// Flag to allow names containing glob patterns.
	AllowGlobDomains pulumi.BoolPtrInput
	// Flag to allow IP SANs
	AllowIpSans pulumi.BoolPtrInput
	// Flag to allow certificates for localhost
	AllowLocalhost pulumi.BoolPtrInput
	// Flag to allow certificates matching subdomains
	AllowSubdomains pulumi.BoolPtrInput
	// Flag to allow wildcard certificates.
	AllowWildcardCertificates pulumi.BoolPtrInput
	// List of allowed domains for certificates
	AllowedDomains pulumi.StringArrayInput
	// Flag, if set, `allowedDomains` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedDomainsTemplate pulumi.BoolPtrInput
	// Defines allowed custom SANs
	AllowedOtherSans pulumi.StringArrayInput
	// An array of allowed serial numbers to put in Subject
	AllowedSerialNumbers pulumi.StringArrayInput
	// Defines allowed URI SANs
	AllowedUriSans pulumi.StringArrayInput
	// Flag, if set, `allowedUriSans` can be specified using identity template expressions such as `{{identity.entity.aliases.<mount accessor>.name}}`.
	AllowedUriSansTemplate pulumi.BoolPtrInput
	// Defines allowed User IDs
	AllowedUserIds pulumi.StringArrayInput
	// The path the PKI secret backend is mounted at, with no leading or trailing `/`s.
	Backend pulumi.StringPtrInput
	// Flag to mark basic constraints valid when issuing non-CA certificates
	BasicConstraintsValidForNonCa pulumi.BoolPtrInput
	// Flag to specify certificates for client use
	ClientFlag pulumi.BoolPtrInput
	// Flag to specify certificates for code signing use
	CodeSigningFlag pulumi.BoolPtrInput
	// The country of generated certificates
	Countries pulumi.StringArrayInput
	// Flag to specify certificates for email protection use
	EmailProtectionFlag pulumi.BoolPtrInput
	// Flag to allow only valid host names
	EnforceHostnames pulumi.BoolPtrInput
	// Specify the allowed extended key usage OIDs constraint on issued certificates
	ExtKeyUsageOids pulumi.StringArrayInput
	// Specify the allowed extended key usage constraint on issued certificates
	ExtKeyUsages pulumi.StringArrayInput
	// Flag to generate leases with certificates
	GenerateLease pulumi.BoolPtrInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The number of bits of generated keys
	KeyBits pulumi.IntPtrInput
	// The generated key type, choices: `rsa`, `ec`, `ed25519`, `any`
	// Defaults to `rsa`
	KeyType pulumi.StringPtrInput
	// Specify the allowed key usage constraint on issued
	// certificates. Defaults to `["DigitalSignature", "KeyAgreement", "KeyEncipherment"])`.
	// To specify no default key usage constraints, set this to an empty list `[]`.
	KeyUsages pulumi.StringArrayInput
	// The locality of generated certificates
	Localities pulumi.StringArrayInput
	// The maximum lease TTL, in seconds, for the role.
	MaxTtl pulumi.StringPtrInput
	// The name to identify this role within the backend. Must be unique within the backend.
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// Flag to not store certificates in the storage backend
	NoStore pulumi.BoolPtrInput
	// Specifies the duration by which to backdate the NotBefore property.
	NotBeforeDuration pulumi.StringPtrInput
	// The organization unit of generated certificates
	OrganizationUnit pulumi.StringArrayInput
	// The organization of generated certificates
	Organizations pulumi.StringArrayInput
	// (Vault 1.11+ only) A block for specifying policy identifers. The `policyIdentifier` block can be repeated, and supports the following arguments:
	PolicyIdentifier SecretBackendRolePolicyIdentifierArrayInput
	// Specify the list of allowed policies OIDs. Use with Vault 1.10 or before. For Vault 1.11+, use `policyIdentifier` blocks instead
	PolicyIdentifiers pulumi.StringArrayInput
	// The postal code of generated certificates
	PostalCodes pulumi.StringArrayInput
	// The province of generated certificates
	Provinces pulumi.StringArrayInput
	// Flag to force CN usage
	RequireCn pulumi.BoolPtrInput
	// Flag to specify certificates for server use
	ServerFlag pulumi.BoolPtrInput
	// The street address of generated certificates
	StreetAddresses pulumi.StringArrayInput
	// The TTL, in seconds, for any certificate issued against this role.
	Ttl pulumi.StringPtrInput
	// Flag to use the CN in the CSR
	UseCsrCommonName pulumi.BoolPtrInput
	// Flag to use the SANs in the CSR
	UseCsrSans pulumi.BoolPtrInput
}

func (SecretBackendRoleState) ElementType 

func (SecretBackendRoleState) ElementType() reflect.Type

type SecretBackendRootCert 

type SecretBackendRootCert struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The certificate.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// CN of intermediate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The country
	Country pulumi.StringPtrOutput `pulumi:"country"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// The ID of the generated issuer.
	IssuerId pulumi.StringOutput `pulumi:"issuerId"`
	// Provides a name to the specified issuer. The name must be unique
	// across all issuers and not be the reserved value `default`
	IssuerName pulumi.StringOutput `pulumi:"issuerName"`
	// The issuing CA certificate.
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// The number of bits to use
	KeyBits pulumi.IntPtrOutput `pulumi:"keyBits"`
	// The ID of the generated key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringOutput `pulumi:"keyName"`
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringOutput `pulumi:"keyRef"`
	// The desired key type
	KeyType pulumi.StringPtrOutput `pulumi:"keyType"`
	// The locality
	Locality pulumi.StringPtrOutput `pulumi:"locality"`
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringOutput `pulumi:"managedKeyId"`
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringOutput `pulumi:"managedKeyName"`
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrOutput `pulumi:"maxPathLength"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The organization
	Organization pulumi.StringPtrOutput `pulumi:"organization"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The organization unit
	Ou pulumi.StringPtrOutput `pulumi:"ou"`
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayOutput `pulumi:"permittedDnsDomains"`
	// The postal code
	PostalCode pulumi.StringPtrOutput `pulumi:"postalCode"`
	// The private key format
	PrivateKeyFormat pulumi.StringPtrOutput `pulumi:"privateKeyFormat"`
	// The province
	Province pulumi.StringPtrOutput `pulumi:"province"`
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// The street address
	StreetAddress pulumi.StringPtrOutput `pulumi:"streetAddress"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// Type of intermediate to create. Must be either \"exported\", \"internal\"
	// or \"kms\"
	Type pulumi.StringOutput `pulumi:"type"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendRootCert(ctx, "test", &pkiSecret.SecretBackendRootCertArgs{
			Backend:           pulumi.Any(vault_mount.Pki.Path),
			Type:              pulumi.String("internal"),
			CommonName:        pulumi.String("Root CA"),
			Ttl:               pulumi.String("315360000"),
			Format:            pulumi.String("pem"),
			PrivateKeyFormat:  pulumi.String("der"),
			KeyType:           pulumi.String("rsa"),
			KeyBits:           pulumi.Int(4096),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("My OU"),
			Organization:      pulumi.String("My organization"),
		}, pulumi.DependsOn([]pulumi.Resource{
			vault_mount.Pki,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendRootCert 

func GetSecretBackendRootCert(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRootCertState, opts ...pulumi.ResourceOption) (*SecretBackendRootCert, error)

GetSecretBackendRootCert gets an existing SecretBackendRootCert resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRootCert 

func NewSecretBackendRootCert(ctx *pulumi.Context,
	name string, args *SecretBackendRootCertArgs, opts ...pulumi.ResourceOption) (*SecretBackendRootCert, error)

NewSecretBackendRootCert registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRootCert) ElementType 

func (*SecretBackendRootCert) ElementType() reflect.Type

func (*SecretBackendRootCert) ToSecretBackendRootCertOutput 

func (i *SecretBackendRootCert) ToSecretBackendRootCertOutput() SecretBackendRootCertOutput

func (*SecretBackendRootCert) ToSecretBackendRootCertOutputWithContext 

func (i *SecretBackendRootCert) ToSecretBackendRootCertOutputWithContext(ctx context.Context) SecretBackendRootCertOutput

type SecretBackendRootCertArgs 

type SecretBackendRootCertArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of intermediate to create
	CommonName pulumi.StringInput
	// The country
	Country pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Provides a name to the specified issuer. The name must be unique
	// across all issuers and not be the reserved value `default`
	IssuerName pulumi.StringPtrInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\", \"internal\"
	// or \"kms\"
	Type pulumi.StringInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendRootCert resource.

func (SecretBackendRootCertArgs) ElementType 

func (SecretBackendRootCertArgs) ElementType() reflect.Type

type SecretBackendRootCertArray 

type SecretBackendRootCertArray []SecretBackendRootCertInput

func (SecretBackendRootCertArray) ElementType 

func (SecretBackendRootCertArray) ElementType() reflect.Type

func (SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutput 

func (i SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutput() SecretBackendRootCertArrayOutput

func (SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutputWithContext 

func (i SecretBackendRootCertArray) ToSecretBackendRootCertArrayOutputWithContext(ctx context.Context) SecretBackendRootCertArrayOutput

type SecretBackendRootCertArrayInput 

type SecretBackendRootCertArrayInput interface {
	pulumi.Input

	ToSecretBackendRootCertArrayOutput() SecretBackendRootCertArrayOutput
	ToSecretBackendRootCertArrayOutputWithContext(context.Context) SecretBackendRootCertArrayOutput
}

SecretBackendRootCertArrayInput is an input type that accepts SecretBackendRootCertArray and SecretBackendRootCertArrayOutput values. You can construct a concrete instance of `SecretBackendRootCertArrayInput` via: 

SecretBackendRootCertArray{ SecretBackendRootCertArgs{...} }

type SecretBackendRootCertArrayOutput 

type SecretBackendRootCertArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRootCertArrayOutput) ElementType 

func (SecretBackendRootCertArrayOutput) ElementType() reflect.Type

func (SecretBackendRootCertArrayOutput) Index 

func (o SecretBackendRootCertArrayOutput) Index(i pulumi.IntInput) SecretBackendRootCertOutput

func (SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutput 

func (o SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutput() SecretBackendRootCertArrayOutput

func (SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutputWithContext 

func (o SecretBackendRootCertArrayOutput) ToSecretBackendRootCertArrayOutputWithContext(ctx context.Context) SecretBackendRootCertArrayOutput

type SecretBackendRootCertInput 

type SecretBackendRootCertInput interface {
	pulumi.Input

	ToSecretBackendRootCertOutput() SecretBackendRootCertOutput
	ToSecretBackendRootCertOutputWithContext(ctx context.Context) SecretBackendRootCertOutput
}

type SecretBackendRootCertMap 

type SecretBackendRootCertMap map[string]SecretBackendRootCertInput

func (SecretBackendRootCertMap) ElementType 

func (SecretBackendRootCertMap) ElementType() reflect.Type

func (SecretBackendRootCertMap) ToSecretBackendRootCertMapOutput 

func (i SecretBackendRootCertMap) ToSecretBackendRootCertMapOutput() SecretBackendRootCertMapOutput

func (SecretBackendRootCertMap) ToSecretBackendRootCertMapOutputWithContext 

func (i SecretBackendRootCertMap) ToSecretBackendRootCertMapOutputWithContext(ctx context.Context) SecretBackendRootCertMapOutput

type SecretBackendRootCertMapInput 

type SecretBackendRootCertMapInput interface {
	pulumi.Input

	ToSecretBackendRootCertMapOutput() SecretBackendRootCertMapOutput
	ToSecretBackendRootCertMapOutputWithContext(context.Context) SecretBackendRootCertMapOutput
}

SecretBackendRootCertMapInput is an input type that accepts SecretBackendRootCertMap and SecretBackendRootCertMapOutput values. You can construct a concrete instance of `SecretBackendRootCertMapInput` via: 

SecretBackendRootCertMap{ "key": SecretBackendRootCertArgs{...} }

type SecretBackendRootCertMapOutput 

type SecretBackendRootCertMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRootCertMapOutput) ElementType 

func (SecretBackendRootCertMapOutput) ElementType() reflect.Type

func (SecretBackendRootCertMapOutput) MapIndex 

func (o SecretBackendRootCertMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRootCertOutput

func (SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutput 

func (o SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutput() SecretBackendRootCertMapOutput

func (SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutputWithContext 

func (o SecretBackendRootCertMapOutput) ToSecretBackendRootCertMapOutputWithContext(ctx context.Context) SecretBackendRootCertMapOutput

type SecretBackendRootCertOutput 

type SecretBackendRootCertOutput struct{ *pulumi.OutputState }

func (SecretBackendRootCertOutput) AltNames 

func (o SecretBackendRootCertOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendRootCertOutput) Backend 

func (o SecretBackendRootCertOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendRootCertOutput) Certificate 

func (o SecretBackendRootCertOutput) Certificate() pulumi.StringOutput

The certificate.

func (SecretBackendRootCertOutput) CommonName 

func (o SecretBackendRootCertOutput) CommonName() pulumi.StringOutput

CN of intermediate to create

func (SecretBackendRootCertOutput) Country 

func (o SecretBackendRootCertOutput) Country() pulumi.StringPtrOutput

The country

func (SecretBackendRootCertOutput) ElementType 

func (SecretBackendRootCertOutput) ElementType() reflect.Type

func (SecretBackendRootCertOutput) ExcludeCnFromSans 

func (o SecretBackendRootCertOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendRootCertOutput) Format 

func (o SecretBackendRootCertOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendRootCertOutput) IpSans 

func (o SecretBackendRootCertOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendRootCertOutput) IssuerId 

func (o SecretBackendRootCertOutput) IssuerId() pulumi.StringOutput

The ID of the generated issuer.

func (SecretBackendRootCertOutput) IssuerName 

func (o SecretBackendRootCertOutput) IssuerName() pulumi.StringOutput

Provides a name to the specified issuer. The name must be unique across all issuers and not be the reserved value `default`

func (SecretBackendRootCertOutput) IssuingCa 

func (o SecretBackendRootCertOutput) IssuingCa() pulumi.StringOutput

The issuing CA certificate.

func (SecretBackendRootCertOutput) KeyBits 

func (o SecretBackendRootCertOutput) KeyBits() pulumi.IntPtrOutput

The number of bits to use

func (SecretBackendRootCertOutput) KeyId 

func (o SecretBackendRootCertOutput) KeyId() pulumi.StringOutput

The ID of the generated key.

func (SecretBackendRootCertOutput) KeyName 

func (o SecretBackendRootCertOutput) KeyName() pulumi.StringOutput

When a new key is created with this request, optionally specifies the name for this. The global ref `default` may not be used as a name.

func (SecretBackendRootCertOutput) KeyRef 

func (o SecretBackendRootCertOutput) KeyRef() pulumi.StringOutput

Specifies the key (either default, by name, or by identifier) to use for generating this request. Only suitable for `type=existing` requests.

func (SecretBackendRootCertOutput) KeyType 

func (o SecretBackendRootCertOutput) KeyType() pulumi.StringPtrOutput

The desired key type

func (SecretBackendRootCertOutput) Locality 

func (o SecretBackendRootCertOutput) Locality() pulumi.StringPtrOutput

The locality

func (SecretBackendRootCertOutput) ManagedKeyId 

func (o SecretBackendRootCertOutput) ManagedKeyId() pulumi.StringOutput

The ID of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyName`

func (SecretBackendRootCertOutput) ManagedKeyName 

func (o SecretBackendRootCertOutput) ManagedKeyName() pulumi.StringOutput

The name of the previously configured managed key. This field is required if `type` is `kms` and it conflicts with `managedKeyId`

func (SecretBackendRootCertOutput) MaxPathLength 

func (o SecretBackendRootCertOutput) MaxPathLength() pulumi.IntPtrOutput

The maximum path length to encode in the generated certificate

func (SecretBackendRootCertOutput) Namespace 

func (o SecretBackendRootCertOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRootCertOutput) Organization 

func (o SecretBackendRootCertOutput) Organization() pulumi.StringPtrOutput

The organization

func (SecretBackendRootCertOutput) OtherSans 

func (o SecretBackendRootCertOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendRootCertOutput) Ou 

func (o SecretBackendRootCertOutput) Ou() pulumi.StringPtrOutput

The organization unit

func (SecretBackendRootCertOutput) PermittedDnsDomains 

func (o SecretBackendRootCertOutput) PermittedDnsDomains() pulumi.StringArrayOutput

List of domains for which certificates are allowed to be issued

func (SecretBackendRootCertOutput) PostalCode 

func (o SecretBackendRootCertOutput) PostalCode() pulumi.StringPtrOutput

The postal code

func (SecretBackendRootCertOutput) PrivateKeyFormat 

func (o SecretBackendRootCertOutput) PrivateKeyFormat() pulumi.StringPtrOutput

The private key format

func (SecretBackendRootCertOutput) Province 

func (o SecretBackendRootCertOutput) Province() pulumi.StringPtrOutput

The province

func (SecretBackendRootCertOutput) SerialNumber 

func (o SecretBackendRootCertOutput) SerialNumber() pulumi.StringOutput

The certificate's serial number, hex formatted.

func (SecretBackendRootCertOutput) StreetAddress 

func (o SecretBackendRootCertOutput) StreetAddress() pulumi.StringPtrOutput

The street address

func (SecretBackendRootCertOutput) ToSecretBackendRootCertOutput 

func (o SecretBackendRootCertOutput) ToSecretBackendRootCertOutput() SecretBackendRootCertOutput

func (SecretBackendRootCertOutput) ToSecretBackendRootCertOutputWithContext 

func (o SecretBackendRootCertOutput) ToSecretBackendRootCertOutputWithContext(ctx context.Context) SecretBackendRootCertOutput

func (SecretBackendRootCertOutput) Ttl 

func (o SecretBackendRootCertOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendRootCertOutput) Type 

func (o SecretBackendRootCertOutput) Type() pulumi.StringOutput

Type of intermediate to create. Must be either \"exported\", \"internal\" or \"kms\"

func (SecretBackendRootCertOutput) UriSans 

func (o SecretBackendRootCertOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

type SecretBackendRootCertState 

type SecretBackendRootCertState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The certificate.
	Certificate pulumi.StringPtrInput
	// CN of intermediate to create
	CommonName pulumi.StringPtrInput
	// The country
	Country pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// The ID of the generated issuer.
	IssuerId pulumi.StringPtrInput
	// Provides a name to the specified issuer. The name must be unique
	// across all issuers and not be the reserved value `default`
	IssuerName pulumi.StringPtrInput
	// The issuing CA certificate.
	IssuingCa pulumi.StringPtrInput
	// The number of bits to use
	KeyBits pulumi.IntPtrInput
	// The ID of the generated key.
	KeyId pulumi.StringPtrInput
	// When a new key is created with this request, optionally specifies
	// the name for this. The global ref `default` may not be used as a name.
	KeyName pulumi.StringPtrInput
	// Specifies the key (either default, by name, or by identifier) to use
	// for generating this request. Only suitable for `type=existing` requests.
	KeyRef pulumi.StringPtrInput
	// The desired key type
	KeyType pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The ID of the previously configured managed key. This field is
	// required if `type` is `kms` and it conflicts with `managedKeyName`
	ManagedKeyId pulumi.StringPtrInput
	// The name of the previously configured managed key. This field is
	// required if `type` is `kms`  and it conflicts with `managedKeyId`
	ManagedKeyName pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The private key format
	PrivateKeyFormat pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// Type of intermediate to create. Must be either \"exported\", \"internal\"
	// or \"kms\"
	Type pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

func (SecretBackendRootCertState) ElementType 

func (SecretBackendRootCertState) ElementType() reflect.Type

type SecretBackendRootSignIntermediate 

type SecretBackendRootSignIntermediate struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// A list of the issuing and intermediate CA certificates in the `format` specified.
	CaChains pulumi.StringArrayOutput `pulumi:"caChains"`
	// The intermediate CA certificate in the `format` specified.
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
	// Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
	CertificateBundle pulumi.StringOutput `pulumi:"certificateBundle"`
	// CN of intermediate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The country
	Country pulumi.StringPtrOutput `pulumi:"country"`
	// The CSR
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrOutput `pulumi:"issuerRef"`
	// The issuing CA certificate in the `format` specified.
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// The locality
	Locality pulumi.StringPtrOutput `pulumi:"locality"`
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrOutput `pulumi:"maxPathLength"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// The organization
	Organization pulumi.StringPtrOutput `pulumi:"organization"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// The organization unit
	Ou pulumi.StringPtrOutput `pulumi:"ou"`
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayOutput `pulumi:"permittedDnsDomains"`
	// The postal code
	PostalCode pulumi.StringPtrOutput `pulumi:"postalCode"`
	// The province
	Province pulumi.StringPtrOutput `pulumi:"province"`
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrOutput `pulumi:"revoke"`
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// The street address
	StreetAddress pulumi.StringPtrOutput `pulumi:"streetAddress"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
	// Preserve CSR values
	UseCsrValues pulumi.BoolPtrOutput `pulumi:"useCsrValues"`
}

Creates PKI certificate.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendRootSignIntermediate(ctx, "root", &pkiSecret.SecretBackendRootSignIntermediateArgs{
			Backend:           pulumi.Any(vault_mount.Root.Path),
			Csr:               pulumi.Any(vault_pki_secret_backend_intermediate_cert_request.Intermediate.Csr),
			CommonName:        pulumi.String("Intermediate CA"),
			ExcludeCnFromSans: pulumi.Bool(true),
			Ou:                pulumi.String("My OU"),
			Organization:      pulumi.String("My organization"),
		}, pulumi.DependsOn([]pulumi.Resource{
			vault_pki_secret_backend_intermediate_cert_request.Intermediate,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendRootSignIntermediate 

func GetSecretBackendRootSignIntermediate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendRootSignIntermediateState, opts ...pulumi.ResourceOption) (*SecretBackendRootSignIntermediate, error)

GetSecretBackendRootSignIntermediate gets an existing SecretBackendRootSignIntermediate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendRootSignIntermediate 

func NewSecretBackendRootSignIntermediate(ctx *pulumi.Context,
	name string, args *SecretBackendRootSignIntermediateArgs, opts ...pulumi.ResourceOption) (*SecretBackendRootSignIntermediate, error)

NewSecretBackendRootSignIntermediate registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendRootSignIntermediate) ElementType 

func (*SecretBackendRootSignIntermediate) ElementType() reflect.Type

func (*SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutput 

func (i *SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutput() SecretBackendRootSignIntermediateOutput

func (*SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutputWithContext 

func (i *SecretBackendRootSignIntermediate) ToSecretBackendRootSignIntermediateOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateOutput

type SecretBackendRootSignIntermediateArgs 

type SecretBackendRootSignIntermediateArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of intermediate to create
	CommonName pulumi.StringInput
	// The country
	Country pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// Preserve CSR values
	UseCsrValues pulumi.BoolPtrInput
}

The set of arguments for constructing a SecretBackendRootSignIntermediate resource.

func (SecretBackendRootSignIntermediateArgs) ElementType 

func (SecretBackendRootSignIntermediateArgs) ElementType() reflect.Type

type SecretBackendRootSignIntermediateArray 

type SecretBackendRootSignIntermediateArray []SecretBackendRootSignIntermediateInput

func (SecretBackendRootSignIntermediateArray) ElementType 

func (SecretBackendRootSignIntermediateArray) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutput 

func (i SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutput() SecretBackendRootSignIntermediateArrayOutput

func (SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutputWithContext 

func (i SecretBackendRootSignIntermediateArray) ToSecretBackendRootSignIntermediateArrayOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateArrayOutput

type SecretBackendRootSignIntermediateArrayInput 

type SecretBackendRootSignIntermediateArrayInput interface {
	pulumi.Input

	ToSecretBackendRootSignIntermediateArrayOutput() SecretBackendRootSignIntermediateArrayOutput
	ToSecretBackendRootSignIntermediateArrayOutputWithContext(context.Context) SecretBackendRootSignIntermediateArrayOutput
}

SecretBackendRootSignIntermediateArrayInput is an input type that accepts SecretBackendRootSignIntermediateArray and SecretBackendRootSignIntermediateArrayOutput values. You can construct a concrete instance of `SecretBackendRootSignIntermediateArrayInput` via: 

SecretBackendRootSignIntermediateArray{ SecretBackendRootSignIntermediateArgs{...} }

type SecretBackendRootSignIntermediateArrayOutput 

type SecretBackendRootSignIntermediateArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendRootSignIntermediateArrayOutput) ElementType 

func (SecretBackendRootSignIntermediateArrayOutput) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateArrayOutput) Index 

func (o SecretBackendRootSignIntermediateArrayOutput) Index(i pulumi.IntInput) SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutput 

func (o SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutput() SecretBackendRootSignIntermediateArrayOutput

func (SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutputWithContext 

func (o SecretBackendRootSignIntermediateArrayOutput) ToSecretBackendRootSignIntermediateArrayOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateArrayOutput

type SecretBackendRootSignIntermediateInput 

type SecretBackendRootSignIntermediateInput interface {
	pulumi.Input

	ToSecretBackendRootSignIntermediateOutput() SecretBackendRootSignIntermediateOutput
	ToSecretBackendRootSignIntermediateOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateOutput
}

type SecretBackendRootSignIntermediateMap 

type SecretBackendRootSignIntermediateMap map[string]SecretBackendRootSignIntermediateInput

func (SecretBackendRootSignIntermediateMap) ElementType 

func (SecretBackendRootSignIntermediateMap) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutput 

func (i SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutput() SecretBackendRootSignIntermediateMapOutput

func (SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutputWithContext 

func (i SecretBackendRootSignIntermediateMap) ToSecretBackendRootSignIntermediateMapOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateMapOutput

type SecretBackendRootSignIntermediateMapInput 

type SecretBackendRootSignIntermediateMapInput interface {
	pulumi.Input

	ToSecretBackendRootSignIntermediateMapOutput() SecretBackendRootSignIntermediateMapOutput
	ToSecretBackendRootSignIntermediateMapOutputWithContext(context.Context) SecretBackendRootSignIntermediateMapOutput
}

SecretBackendRootSignIntermediateMapInput is an input type that accepts SecretBackendRootSignIntermediateMap and SecretBackendRootSignIntermediateMapOutput values. You can construct a concrete instance of `SecretBackendRootSignIntermediateMapInput` via: 

SecretBackendRootSignIntermediateMap{ "key": SecretBackendRootSignIntermediateArgs{...} }

type SecretBackendRootSignIntermediateMapOutput 

type SecretBackendRootSignIntermediateMapOutput struct{ *pulumi.OutputState }

func (SecretBackendRootSignIntermediateMapOutput) ElementType 

func (SecretBackendRootSignIntermediateMapOutput) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateMapOutput) MapIndex 

func (o SecretBackendRootSignIntermediateMapOutput) MapIndex(k pulumi.StringInput) SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutput 

func (o SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutput() SecretBackendRootSignIntermediateMapOutput

func (SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutputWithContext 

func (o SecretBackendRootSignIntermediateMapOutput) ToSecretBackendRootSignIntermediateMapOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateMapOutput

type SecretBackendRootSignIntermediateOutput 

type SecretBackendRootSignIntermediateOutput struct{ *pulumi.OutputState }

func (SecretBackendRootSignIntermediateOutput) AltNames 

func (o SecretBackendRootSignIntermediateOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendRootSignIntermediateOutput) Backend 

func (o SecretBackendRootSignIntermediateOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendRootSignIntermediateOutput) CaChains 

func (o SecretBackendRootSignIntermediateOutput) CaChains() pulumi.StringArrayOutput

A list of the issuing and intermediate CA certificates in the `format` specified.

func (SecretBackendRootSignIntermediateOutput) Certificate 

func (o SecretBackendRootSignIntermediateOutput) Certificate() pulumi.StringOutput

The intermediate CA certificate in the `format` specified.

func (SecretBackendRootSignIntermediateOutput) CertificateBundle 

func (o SecretBackendRootSignIntermediateOutput) CertificateBundle() pulumi.StringOutput

The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded). Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.

func (SecretBackendRootSignIntermediateOutput) CommonName 

func (o SecretBackendRootSignIntermediateOutput) CommonName() pulumi.StringOutput

CN of intermediate to create

func (SecretBackendRootSignIntermediateOutput) Country 

func (o SecretBackendRootSignIntermediateOutput) Country() pulumi.StringPtrOutput

The country

func (SecretBackendRootSignIntermediateOutput) Csr 

func (o SecretBackendRootSignIntermediateOutput) Csr() pulumi.StringOutput

The CSR

func (SecretBackendRootSignIntermediateOutput) ElementType 

func (SecretBackendRootSignIntermediateOutput) ElementType() reflect.Type

func (SecretBackendRootSignIntermediateOutput) ExcludeCnFromSans 

func (o SecretBackendRootSignIntermediateOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendRootSignIntermediateOutput) Format 

func (o SecretBackendRootSignIntermediateOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendRootSignIntermediateOutput) IpSans 

func (o SecretBackendRootSignIntermediateOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendRootSignIntermediateOutput) IssuerRef 

func (o SecretBackendRootSignIntermediateOutput) IssuerRef() pulumi.StringPtrOutput

Specifies the default issuer of this request. May be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users overriding the role's `issuerRef` value.

func (SecretBackendRootSignIntermediateOutput) IssuingCa 

func (o SecretBackendRootSignIntermediateOutput) IssuingCa() pulumi.StringOutput

The issuing CA certificate in the `format` specified.

func (SecretBackendRootSignIntermediateOutput) Locality 

func (o SecretBackendRootSignIntermediateOutput) Locality() pulumi.StringPtrOutput

The locality

func (SecretBackendRootSignIntermediateOutput) MaxPathLength 

func (o SecretBackendRootSignIntermediateOutput) MaxPathLength() pulumi.IntPtrOutput

The maximum path length to encode in the generated certificate

func (SecretBackendRootSignIntermediateOutput) Namespace 

func (o SecretBackendRootSignIntermediateOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendRootSignIntermediateOutput) Organization 

func (o SecretBackendRootSignIntermediateOutput) Organization() pulumi.StringPtrOutput

The organization

func (SecretBackendRootSignIntermediateOutput) OtherSans 

func (o SecretBackendRootSignIntermediateOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendRootSignIntermediateOutput) Ou 

func (o SecretBackendRootSignIntermediateOutput) Ou() pulumi.StringPtrOutput

The organization unit

func (SecretBackendRootSignIntermediateOutput) PermittedDnsDomains 

func (o SecretBackendRootSignIntermediateOutput) PermittedDnsDomains() pulumi.StringArrayOutput

List of domains for which certificates are allowed to be issued

func (SecretBackendRootSignIntermediateOutput) PostalCode 

func (o SecretBackendRootSignIntermediateOutput) PostalCode() pulumi.StringPtrOutput

The postal code

func (SecretBackendRootSignIntermediateOutput) Province 

func (o SecretBackendRootSignIntermediateOutput) Province() pulumi.StringPtrOutput

The province

func (SecretBackendRootSignIntermediateOutput) Revoke 

func (o SecretBackendRootSignIntermediateOutput) Revoke() pulumi.BoolPtrOutput

If set to `true`, the certificate will be revoked on resource destruction.

func (SecretBackendRootSignIntermediateOutput) SerialNumber 

func (o SecretBackendRootSignIntermediateOutput) SerialNumber() pulumi.StringOutput

The certificate's serial number, hex formatted.

func (SecretBackendRootSignIntermediateOutput) StreetAddress 

func (o SecretBackendRootSignIntermediateOutput) StreetAddress() pulumi.StringPtrOutput

The street address

func (SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutput 

func (o SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutput() SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutputWithContext 

func (o SecretBackendRootSignIntermediateOutput) ToSecretBackendRootSignIntermediateOutputWithContext(ctx context.Context) SecretBackendRootSignIntermediateOutput

func (SecretBackendRootSignIntermediateOutput) Ttl 

func (o SecretBackendRootSignIntermediateOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendRootSignIntermediateOutput) UriSans 

func (o SecretBackendRootSignIntermediateOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

func (SecretBackendRootSignIntermediateOutput) UseCsrValues 

func (o SecretBackendRootSignIntermediateOutput) UseCsrValues() pulumi.BoolPtrOutput

Preserve CSR values

type SecretBackendRootSignIntermediateState 

type SecretBackendRootSignIntermediateState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// A list of the issuing and intermediate CA certificates in the `format` specified.
	CaChains pulumi.StringArrayInput
	// The intermediate CA certificate in the `format` specified.
	Certificate pulumi.StringPtrInput
	// The concatenation of the intermediate CA and the issuing CA certificates (PEM encoded).
	// Requires the `format` to be set to any of: pem, pem_bundle. The value will be empty for all other formats.
	CertificateBundle pulumi.StringPtrInput
	// CN of intermediate to create
	CommonName pulumi.StringPtrInput
	// The country
	Country pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. May
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The issuing CA certificate in the `format` specified.
	IssuingCa pulumi.StringPtrInput
	// The locality
	Locality pulumi.StringPtrInput
	// The maximum path length to encode in the generated certificate
	MaxPathLength pulumi.IntPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// The organization
	Organization pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// The organization unit
	Ou pulumi.StringPtrInput
	// List of domains for which certificates are allowed to be issued
	PermittedDnsDomains pulumi.StringArrayInput
	// The postal code
	PostalCode pulumi.StringPtrInput
	// The province
	Province pulumi.StringPtrInput
	// If set to `true`, the certificate will be revoked on resource destruction.
	Revoke pulumi.BoolPtrInput
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringPtrInput
	// The street address
	StreetAddress pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
	// Preserve CSR values
	UseCsrValues pulumi.BoolPtrInput
}

func (SecretBackendRootSignIntermediateState) ElementType 

func (SecretBackendRootSignIntermediateState) ElementType() reflect.Type

type SecretBackendSign 

type SecretBackendSign struct {
	pulumi.CustomResourceState

	// List of alternative names
	AltNames pulumi.StringArrayOutput `pulumi:"altNames"`
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrOutput `pulumi:"autoRenew"`
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringOutput `pulumi:"backend"`
	// The CA chain
	CaChains pulumi.StringArrayOutput `pulumi:"caChains"`
	// The certificate
	Certificate pulumi.StringOutput `pulumi:"certificate"`
	// CN of certificate to create
	CommonName pulumi.StringOutput `pulumi:"commonName"`
	// The CSR
	Csr pulumi.StringOutput `pulumi:"csr"`
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrOutput `pulumi:"excludeCnFromSans"`
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntOutput `pulumi:"expiration"`
	// The format of data
	Format pulumi.StringPtrOutput `pulumi:"format"`
	// List of alternative IPs
	IpSans pulumi.StringArrayOutput `pulumi:"ipSans"`
	// Specifies the default issuer of this request. Can
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrOutput `pulumi:"issuerRef"`
	// The issuing CA
	IssuingCa pulumi.StringOutput `pulumi:"issuingCa"`
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrOutput `pulumi:"minSecondsRemaining"`
	// Name of the role to create the certificate against
	Name pulumi.StringOutput `pulumi:"name"`
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrOutput `pulumi:"namespace"`
	// List of other SANs
	OtherSans pulumi.StringArrayOutput `pulumi:"otherSans"`
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolOutput `pulumi:"renewPending"`
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringOutput `pulumi:"serialNumber"`
	// Time to live
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// List of alternative URIs
	UriSans pulumi.StringArrayOutput `pulumi:"uriSans"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/pkiSecret"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := pkiSecret.NewSecretBackendSign(ctx, "test", &pkiSecret.SecretBackendSignArgs{
			Backend: pulumi.Any(vault_mount.Pki.Path),
			Csr: pulumi.String(`-----BEGIN CERTIFICATE REQUEST-----

MIIEqDCCApACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEcMBoGA1UEAwwTY2Vy dC50ZXN0Lm15LmRvbWFpbjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB AJupYCQ8UVCWII1Zof1c6YcSSaM9hEaDU78cfKP5RoSeH10BvrWRfT+mzCONVpNP CW9Iabtvk6hm0ot6ilnndEyVJbc0g7hdDLBX5BM25D+DGZGJRKUz1V+uBrWmXtIt Vonj7JTDTe7ViH0GDsB7CvqXFGXO2a2cDYBchLkL6vQiFPshxvUsLtwxuy/qdYgy X6ya+AUoZcoQGy1XxNjfH6cPtWSWQGEp1oPR6vL9hU3laTZb3C+VV4jZem+he8/0 V+qV6fLG92WTXm2hmf8nrtUqqJ+C7mW/RJod+TviviBadIX0OHXW7k5HVsZood01 te8vMRUNJNiZfa9EMIK5oncbQn0LcM3Wo9VrjpL7jREb/4HCS2gswYGv7hzk9cCS kVY4rDucchKbApuI3kfzmO7GFOF5eiSkYZpY/czNn7VVM3WCu6dpOX4+3rhgrZQw kY14L930DaLVRUgve/zKVP2D2GHdEOs+MbV7s96UgigT9pXly/yHPj+1sSYqmnaD 5b7jSeJusmzO/nrwXVGLsnezR87VzHl9Ux9g5s6zh+R+PrZuVxYsLvoUpaasH47O gIcBzSb/6pSGZKAUizmYsHsR1k88dAvsQ+FsUDaNokdi9VndEB4QPmiFmjyLV+0I 1TFoXop4sW11NPz1YCq+IxnYrEaIN3PyhY0GvBJDFY1/AgMBAAGgADANBgkqhkiG 9w0BAQsFAAOCAgEActuqnqS8Y9UF7e08w7tR3FPzGecWreuvxILrlFEZJxiLPFqL It7uJvtypCVQvz6UQzKdBYO7tMpRaWViB8DrWzXNZjLMrg+QHcpveg8C0Ett4scG fnvLk6fTDFYrnGvwHTqiHos5i0y3bFLyS1BGwSpdLAykGtvC+VM8mRyw/Y7CPcKN 77kebY/9xduW1g2uxWLr0x90RuQDv9psPojT+59tRLGSp5Kt0IeD3QtnAZEFE4aN vt+Pd69eg3BgZ8ZeDgoqAw3yppvOkpAFiE5pw2qPZaM4SRphl4d2Lek2zNIMyZqv do5zh356HOgXtDaSg0POnRGrN/Ua+LMCRTg6GEPUnx9uQb/zt8Zu0hIexDGyykp1 OGqtWlv/Nc8UYuS38v0BeB6bMPeoqQUjkqs8nHlAEFn0KlgYdtDC+7SdQx6wS4te dBKRNDfC4lS3jYJgs55jHqonZgkpSi3bamlxpfpW0ukGBcmq91wRe4bOw/4uD/vf UwqMWOdCYcU3mdYNjTWy22ORW3SGFQxMBwpUEURCSoeqWr6aJeQ7KAYkx1PrB5T8 OTEc13lWf+B0PU9UJuGTsmpIuImPDVd0EVDayr3mT5dDbqTVDbe8ppf2IswABmf0 o3DybUeUmknYjl109rdSf+76nuREICHatxXgN3xCMFuBaN4WLO+ksd6Y1Ys= -----END CERTIFICATE REQUEST----- `), 

			CommonName: pulumi.String("test.my.domain"),
		}, pulumi.DependsOn([]pulumi.Resource{
			vault_pki_secret_backend_role.Admin,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

func GetSecretBackendSign 

func GetSecretBackendSign(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretBackendSignState, opts ...pulumi.ResourceOption) (*SecretBackendSign, error)

GetSecretBackendSign gets an existing SecretBackendSign resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretBackendSign 

func NewSecretBackendSign(ctx *pulumi.Context,
	name string, args *SecretBackendSignArgs, opts ...pulumi.ResourceOption) (*SecretBackendSign, error)

NewSecretBackendSign registers a new resource with the given unique name, arguments, and options.

func (*SecretBackendSign) ElementType 

func (*SecretBackendSign) ElementType() reflect.Type

func (*SecretBackendSign) ToSecretBackendSignOutput 

func (i *SecretBackendSign) ToSecretBackendSignOutput() SecretBackendSignOutput

func (*SecretBackendSign) ToSecretBackendSignOutputWithContext 

func (i *SecretBackendSign) ToSecretBackendSignOutputWithContext(ctx context.Context) SecretBackendSignOutput

type SecretBackendSignArgs 

type SecretBackendSignArgs struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringInput
	// CN of certificate to create
	CommonName pulumi.StringInput
	// The CSR
	Csr pulumi.StringInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. Can
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

The set of arguments for constructing a SecretBackendSign resource.

func (SecretBackendSignArgs) ElementType 

func (SecretBackendSignArgs) ElementType() reflect.Type

type SecretBackendSignArray 

type SecretBackendSignArray []SecretBackendSignInput

func (SecretBackendSignArray) ElementType 

func (SecretBackendSignArray) ElementType() reflect.Type

func (SecretBackendSignArray) ToSecretBackendSignArrayOutput 

func (i SecretBackendSignArray) ToSecretBackendSignArrayOutput() SecretBackendSignArrayOutput

func (SecretBackendSignArray) ToSecretBackendSignArrayOutputWithContext 

func (i SecretBackendSignArray) ToSecretBackendSignArrayOutputWithContext(ctx context.Context) SecretBackendSignArrayOutput

type SecretBackendSignArrayInput 

type SecretBackendSignArrayInput interface {
	pulumi.Input

	ToSecretBackendSignArrayOutput() SecretBackendSignArrayOutput
	ToSecretBackendSignArrayOutputWithContext(context.Context) SecretBackendSignArrayOutput
}

SecretBackendSignArrayInput is an input type that accepts SecretBackendSignArray and SecretBackendSignArrayOutput values. You can construct a concrete instance of `SecretBackendSignArrayInput` via: 

SecretBackendSignArray{ SecretBackendSignArgs{...} }

type SecretBackendSignArrayOutput 

type SecretBackendSignArrayOutput struct{ *pulumi.OutputState }

func (SecretBackendSignArrayOutput) ElementType 

func (SecretBackendSignArrayOutput) ElementType() reflect.Type

func (SecretBackendSignArrayOutput) Index 

func (o SecretBackendSignArrayOutput) Index(i pulumi.IntInput) SecretBackendSignOutput

func (SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutput 

func (o SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutput() SecretBackendSignArrayOutput

func (SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutputWithContext 

func (o SecretBackendSignArrayOutput) ToSecretBackendSignArrayOutputWithContext(ctx context.Context) SecretBackendSignArrayOutput

type SecretBackendSignInput 

type SecretBackendSignInput interface {
	pulumi.Input

	ToSecretBackendSignOutput() SecretBackendSignOutput
	ToSecretBackendSignOutputWithContext(ctx context.Context) SecretBackendSignOutput
}

type SecretBackendSignMap 

type SecretBackendSignMap map[string]SecretBackendSignInput

func (SecretBackendSignMap) ElementType 

func (SecretBackendSignMap) ElementType() reflect.Type

func (SecretBackendSignMap) ToSecretBackendSignMapOutput 

func (i SecretBackendSignMap) ToSecretBackendSignMapOutput() SecretBackendSignMapOutput

func (SecretBackendSignMap) ToSecretBackendSignMapOutputWithContext 

func (i SecretBackendSignMap) ToSecretBackendSignMapOutputWithContext(ctx context.Context) SecretBackendSignMapOutput

type SecretBackendSignMapInput 

type SecretBackendSignMapInput interface {
	pulumi.Input

	ToSecretBackendSignMapOutput() SecretBackendSignMapOutput
	ToSecretBackendSignMapOutputWithContext(context.Context) SecretBackendSignMapOutput
}

SecretBackendSignMapInput is an input type that accepts SecretBackendSignMap and SecretBackendSignMapOutput values. You can construct a concrete instance of `SecretBackendSignMapInput` via: 

SecretBackendSignMap{ "key": SecretBackendSignArgs{...} }

type SecretBackendSignMapOutput 

type SecretBackendSignMapOutput struct{ *pulumi.OutputState }

func (SecretBackendSignMapOutput) ElementType 

func (SecretBackendSignMapOutput) ElementType() reflect.Type

func (SecretBackendSignMapOutput) MapIndex 

func (o SecretBackendSignMapOutput) MapIndex(k pulumi.StringInput) SecretBackendSignOutput

func (SecretBackendSignMapOutput) ToSecretBackendSignMapOutput 

func (o SecretBackendSignMapOutput) ToSecretBackendSignMapOutput() SecretBackendSignMapOutput

func (SecretBackendSignMapOutput) ToSecretBackendSignMapOutputWithContext 

func (o SecretBackendSignMapOutput) ToSecretBackendSignMapOutputWithContext(ctx context.Context) SecretBackendSignMapOutput

type SecretBackendSignOutput 

type SecretBackendSignOutput struct{ *pulumi.OutputState }

func (SecretBackendSignOutput) AltNames 

func (o SecretBackendSignOutput) AltNames() pulumi.StringArrayOutput

List of alternative names

func (SecretBackendSignOutput) AutoRenew 

func (o SecretBackendSignOutput) AutoRenew() pulumi.BoolPtrOutput

If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`

func (SecretBackendSignOutput) Backend 

func (o SecretBackendSignOutput) Backend() pulumi.StringOutput

The PKI secret backend the resource belongs to.

func (SecretBackendSignOutput) CaChains 

func (o SecretBackendSignOutput) CaChains() pulumi.StringArrayOutput

The CA chain

func (SecretBackendSignOutput) Certificate 

func (o SecretBackendSignOutput) Certificate() pulumi.StringOutput

The certificate

func (SecretBackendSignOutput) CommonName 

func (o SecretBackendSignOutput) CommonName() pulumi.StringOutput

CN of certificate to create

func (SecretBackendSignOutput) Csr 

func (o SecretBackendSignOutput) Csr() pulumi.StringOutput

The CSR

func (SecretBackendSignOutput) ElementType 

func (SecretBackendSignOutput) ElementType() reflect.Type

func (SecretBackendSignOutput) ExcludeCnFromSans 

func (o SecretBackendSignOutput) ExcludeCnFromSans() pulumi.BoolPtrOutput

Flag to exclude CN from SANs

func (SecretBackendSignOutput) Expiration 

func (o SecretBackendSignOutput) Expiration() pulumi.IntOutput

The expiration date of the certificate in unix epoch format

func (SecretBackendSignOutput) Format 

func (o SecretBackendSignOutput) Format() pulumi.StringPtrOutput

The format of data

func (SecretBackendSignOutput) IpSans 

func (o SecretBackendSignOutput) IpSans() pulumi.StringArrayOutput

List of alternative IPs

func (SecretBackendSignOutput) IssuerRef 

func (o SecretBackendSignOutput) IssuerRef() pulumi.StringPtrOutput

Specifies the default issuer of this request. Can be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users overriding the role's `issuerRef` value.

func (SecretBackendSignOutput) IssuingCa 

func (o SecretBackendSignOutput) IssuingCa() pulumi.StringOutput

The issuing CA

func (SecretBackendSignOutput) MinSecondsRemaining 

func (o SecretBackendSignOutput) MinSecondsRemaining() pulumi.IntPtrOutput

Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)

func (SecretBackendSignOutput) Name 

func (o SecretBackendSignOutput) Name() pulumi.StringOutput

Name of the role to create the certificate against

func (SecretBackendSignOutput) Namespace 

func (o SecretBackendSignOutput) Namespace() pulumi.StringPtrOutput

The namespace to provision the resource in. The value should not contain leading or trailing forward slashes. The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace). *Available only for Vault Enterprise*.

func (SecretBackendSignOutput) OtherSans 

func (o SecretBackendSignOutput) OtherSans() pulumi.StringArrayOutput

List of other SANs

func (SecretBackendSignOutput) RenewPending 

func (o SecretBackendSignOutput) RenewPending() pulumi.BoolOutput

`true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.

func (SecretBackendSignOutput) SerialNumber 

func (o SecretBackendSignOutput) SerialNumber() pulumi.StringOutput

The certificate's serial number, hex formatted.

func (SecretBackendSignOutput) ToSecretBackendSignOutput 

func (o SecretBackendSignOutput) ToSecretBackendSignOutput() SecretBackendSignOutput

func (SecretBackendSignOutput) ToSecretBackendSignOutputWithContext 

func (o SecretBackendSignOutput) ToSecretBackendSignOutputWithContext(ctx context.Context) SecretBackendSignOutput

func (SecretBackendSignOutput) Ttl 

func (o SecretBackendSignOutput) Ttl() pulumi.StringPtrOutput

Time to live

func (SecretBackendSignOutput) UriSans 

func (o SecretBackendSignOutput) UriSans() pulumi.StringArrayOutput

List of alternative URIs

type SecretBackendSignState 

type SecretBackendSignState struct {
	// List of alternative names
	AltNames pulumi.StringArrayInput
	// If set to `true`, certs will be renewed if the expiration is within `minSecondsRemaining`. Default `false`
	AutoRenew pulumi.BoolPtrInput
	// The PKI secret backend the resource belongs to.
	Backend pulumi.StringPtrInput
	// The CA chain
	CaChains pulumi.StringArrayInput
	// The certificate
	Certificate pulumi.StringPtrInput
	// CN of certificate to create
	CommonName pulumi.StringPtrInput
	// The CSR
	Csr pulumi.StringPtrInput
	// Flag to exclude CN from SANs
	ExcludeCnFromSans pulumi.BoolPtrInput
	// The expiration date of the certificate in unix epoch format
	Expiration pulumi.IntPtrInput
	// The format of data
	Format pulumi.StringPtrInput
	// List of alternative IPs
	IpSans pulumi.StringArrayInput
	// Specifies the default issuer of this request. Can
	// be the value `default`, a name, or an issuer ID. Use ACLs to prevent access to
	// the `/pki/issuer/:issuer_ref/{issue,sign}/:name` paths to prevent users
	// overriding the role's `issuerRef` value.
	IssuerRef pulumi.StringPtrInput
	// The issuing CA
	IssuingCa pulumi.StringPtrInput
	// Generate a new certificate when the expiration is within this number of seconds, default is 604800 (7 days)
	MinSecondsRemaining pulumi.IntPtrInput
	// Name of the role to create the certificate against
	Name pulumi.StringPtrInput
	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The `namespace` is always relative to the provider's configured [namespace](https://www.terraform.io/docs/providers/vault/index.html#namespace).
	// *Available only for Vault Enterprise*.
	Namespace pulumi.StringPtrInput
	// List of other SANs
	OtherSans pulumi.StringArrayInput
	// `true` if the current time (during refresh) is after the start of the early renewal window declared by `minSecondsRemaining`, and `false` otherwise; if `autoRenew` is set to `true` then the provider will plan to replace the certificate once renewal is pending.
	RenewPending pulumi.BoolPtrInput
	// The certificate's serial number, hex formatted.
	SerialNumber pulumi.StringPtrInput
	// Time to live
	Ttl pulumi.StringPtrInput
	// List of alternative URIs
	UriSans pulumi.StringArrayInput
}

func (SecretBackendSignState) ElementType 

func (SecretBackendSignState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.